[tor-dev] Proposition: Applying an AONT to Prop224 addresses?

Alec Muffett alec.muffett at gmail.com
Mon Apr 3 15:40:52 UTC 2017


On 3 Apr 2017 3:48 p.m., "Ian Goldberg" <iang at cs.uwaterloo.ca> wrote:

The other thing to remember is that didn't we already say that

facebookgbiyeqv3ebtjnlntwyvjoa2n7rvpnnaryd4a.onion

and

face-book-gbiy-eqv3-ebtj-nlnt-wyvj-oa2n-7rvp-nnar-yd4a.onion

will mean the same thing?  So we're already past the "one (st)ring to
rule them all" point?


That's a great point, and I'm definitely interested and in favour of
readability.

How about this, though: I know that Tor doesn't want to be in the business
of site reputation, but what if (eg) Protonmail offers a Onion "Safe
Browsing" extension some day, of known-bad Onions for malware reasons?

There's quite a gulf between stripping hyphens from a candidate onion
address and doing strcmp(), versus either drilling into the candidate
address to compute the alternative forms to check against the blacklist, or
even requiring the blacklist to be 8x larger?

-a
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170403/78bd5b56/attachment.html>


More information about the tor-dev mailing list