[tor-dev] Tor and Namecoin
George Kadianakis
desnacked at riseup.net
Tue Aug 2 13:54:00 UTC 2016
George Kadianakis <desnacked at riseup.net> writes:
> [ text/plain ]
> Jeremy Rand <jeremyrand at airmail.cc> writes:
>
>> [ text/plain ]
>> Hello Tor devs,
>>
>> Namecoin is interested in collaboration with Tor in relation to
>> human-readable .onion names; I'm reaching out to see how open the Tor
>> community would be to this, and to get feedback on how exactly the
>> integration might work.
>>
>> The new hidden service spec is going to substantially increase the
>> length of .onion names, which presents usability concerns. Namecoin
>> provides a way to resolve a human-readable .bit name to a .onion name.
>> Another benefit of Namecoin is that it provides a way to lookup TLS
>> fingerprints for clearnet .bit sites, which reduces the risk of MITM
>> attacks on clearnet websites from malicious or compromised CA's.
>>
>> <snip>
>>
>> There are a few options I can think of for integrating this with Tor for
>> .onion naming. One would be to modify OnioNS to call the Namecoin SPV
>> client. This would concern me because OnioNS is in C++, which
>> introduces the risk of memory safety vulnerabilities. Another would be
>> to use an intermediate proxy like Yawning's or-ctl-filter. A third
>> option would be to try to get external name resolution implemented in
>> Tor itself, which I believe Jeff Burdges has suggested in the past. If
>> Option A or B is used, any solution would need to pass the stream
>> isolation info to the SPV client.
>>
>
> Hello Jeremy,
>
> I'm a big noob when it comes to blockchains, namecoin, SPV clients and such, so
> I'm mainly going to focus on how to integrate this with Tor.
>
> It seems to me that a plausible way to kickstart this big project would be to
> make an unofficial add-on for TBB that can do the namecoin dance. People can
> then install it and experiment with it. If it fits the Tor use case well, then
> a community might be formed that will push this project forward even more.
>
> If it's an optional add-on, we also don't have to worry that much about the
> 400MB blockchain size, since it's gonna be optional and only people who want it
> will have to download it. This way we can learn how much of a problem the
> download size is anyway (it seems to me like a total blocker for people in
> non-western fast-internet countries).
>
> That's why I would suggest experimenting with the first two approaches you
> mentioned that don't require a modification to Tor's protocol.
>
On this front, please check out Nick's new mail showing how to integrate
external name resolvers into Tor:
https://lists.torproject.org/pipermail/tor-dev/2016-August/011253.html
More information about the tor-dev
mailing list