[tor-dev] Special-use-TLD support
Jeremy Rand
biolizard89 at gmail.com
Tue Sep 29 00:59:32 UTC 2015
On 09/28/2015 01:34 PM, Jeff Burdges wrote:
> On Sun, 2015-09-27 at 22:31 +0000, Jeremy Rand wrote:
>>
>> Hi Jeff,
>>
>> Thanks for working on this; Namecoin is definitely interested in
>> this effort. I have one comment. SPV-based Namecoin clients
>> will, under some circumstances, generate network traffic to
>> other Namecoin P2P nodes containing names being looked up. To
>> avoid linkability, stream isolation should be used so that
>> different Namecoin lookups go over different Tor circuits if the
>> lookups correspond to TCP streams that go over different Tor
>> circuits. (Also, the choice of Namecoin nodes to peer with should
>> be different for each identity.) Therefore, it seems to me that
>> there should be a mechanism for Tor to provide stream isolation
>> information to the naming systems that it calls, along with "new
>> identity" commands.
>>
>> The above issue doesn't affect full Namecoin clients, or SPV
>> Namecoin clients that download the full unspent domain name set.
>> I don't know enough about the GNU Name System to know how this
>> issue affects it, if at all.
>>
>> Thoughts on this?
>
> Yes. I distrust running p2p applications not specifically
> designed for Tor over Tor. The GNU Name System will therefore run
> the DHT process on volunteer Tor exit nodes, much like how DNS
> queries are handled by exit nodes.
>
> Imho, Namecoin should similarly develop a Tor Namecoin shim client
> that contacts special SPV Namecoin clients running on volunteer
> exit nodes. I'm working on a second torspec proposal that adds an
> AnycastExit option to simplify this.
>
> In the long term, there are obviously concerns about bad exit
> nodes, especially if there are only like two exits supporting
> Namecoin or GNS, but currently so few people use GNS or Namecoin
> that we can probably ignore this.

Hi Jeff,

Do I infer correctly that the main intention of this is to decrease
the possibility of attack by a Sybil attack on the Namecoin network,
by making the Namecoin peer selection process have similar properties
to Tor relay selection (which is relatively Sybil-resistant)? (And I
guess this would also eliminate issues where a Tor client connects to
a Namecoin peer who also happens to be his/her guard node.) If so, I
think I cautiously agree that this may be a good idea. (I haven't
carefully considered the prospect, so there may be problems introduced
that I haven't thought about -- but from first glance it sounds like
an improvement over what Namecoin does now, at least in this respect.)

The issue I do see is that SPV validation doesn't work well unless you
ask multiple peers to make sure that you're getting the chain with the
most PoW. So I gather that this would require connecting to Namecoin
peers running on multiple exit nodes. I don't think that's
problematic, but it would have to be taken into account.

-Jeremy
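
An added illustration of the multi-peer SPV check discussed in this message (not code from the thread or from Namecoin): a client collects header chains from peers reached through several exits, rejects chains with broken links or invalid proof of work, and keeps the one with the most cumulative work. The header layout, the peer names and the `min_peers` threshold are assumptions, and the sample chains are constructed.

```python
import hashlib

BITS = 0x1F7FFFFF  # easy constructed difficulty: about 1 hash in 512 passes

def target_from_bits(bits):
    """Expand Bitcoin-style compact nBits into the full 256-bit target."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    return mantissa << (8 * (exponent - 3))  # assumes exponent >= 3

def header_hash(prev, bits, nonce):
    # Toy header layout (assumption); real headers also carry version,
    # merkle root and timestamp. Double SHA-256 as in Bitcoin and Namecoin.
    raw = prev + bits.to_bytes(4, "little") + nonce.to_bytes(4, "little")
    return hashlib.sha256(hashlib.sha256(raw).digest()).digest()

def chain_work(headers, genesis):
    """Cumulative work of a header chain, or None if a link or PoW check fails."""
    prev, work = genesis, 0
    for h_prev, bits, nonce in headers:
        target = target_from_bits(bits)
        digest = header_hash(h_prev, bits, nonce)
        if h_prev != prev or int.from_bytes(digest, "little") > target:
            return None
        work += (1 << 256) // (target + 1)  # expected hashes to find this block
        prev = digest
    return work

def best_chain(responses, genesis, min_peers=2):
    """Pick (peer, work) with the most PoW; refuse if too few peers gave valid chains."""
    scored = {p: chain_work(h, genesis) for p, h in responses.items()}
    valid = {p: w for p, w in scored.items() if w is not None}
    if len(valid) < min_peers:
        return None
    return max(valid.items(), key=lambda item: item[1])

def mine(prev, n, honest=True):
    """Build n constructed headers on prev; honest=False skips the nonce search."""
    out = []
    for _ in range(n):
        nonce = 0
        while honest and int.from_bytes(header_hash(prev, BITS, nonce), "little") > target_from_bits(BITS):
            nonce += 1
        out.append((prev, BITS, nonce))
        prev = header_hash(prev, BITS, nonce)
    return out

GENESIS = bytes(32)  # constructed all-zero genesis hash
HONEST = mine(GENESIS, 6)
# exit_b serves a stale prefix; exit_c serves a longer chain with no valid PoW.
RESPONSES = {"exit_a": HONEST, "exit_b": HONEST[:3], "exit_c": mine(GENESIS, 8, honest=False)}
```

A real client would also enforce the difficulty retargeting rules on each header's `bits`, which this toy model omits.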