[tor-dev] onion v2 deprecation plan?
George Kadianakis
desnacked at riseup.net
Thu Apr 26 10:02:03 UTC 2018
nusenu <nusenu-lists at riseup.net> writes:
> Hi,
>
> even though you are probably years away from deprecating onion v2 services
> it is certainly good to have a clear plan.
>
> I'm asking because the sooner onion v2 are deprecated the sooner some
> people can stop worrying about malicious HSDirs.
>
Yes indeed. The sooner we deprecate v2 the sooner we can stop worrying
about malicious HSDirs. And also we will be able to reduce the
requirements for becoming an HSDir which will strengthen and make our
network more robust.
That said, I think we are unfortunately still far from deprecating v2
onions:
The first actual step to v2 deprecation, is to make v3 the default
version. But to get there, we first need to solve various bugs and
issues with the current v3 system (#25552, #22893, #23662, #24977,
etc.). We also need to implement various needed features, like offline
keys (#18098), client-authorization (#20700 ; WIP https://github.com/torproject/tor/pull/36),
control port commands like HSFETCH (#25417) and revive onionbalance for
v3. We might also want to consider possible improvements to the UX of
long onion names (like #24310) (https://blog.torproject.org/cooking-onions-names-your-onions).
After we do most of the above, we can turn the switch to make v3 the
default, and then we need to wait some time for most of the users to
migrate from v2 to v3. After that we can initiate the countdown, and
eventually deprecate v2s for real.
It's hard to provide an actual timeline for the above right
now. However, we are currently applying for some onion-service-related
grants, and hopefully if we get them we will have the funding to
accelerate the development pace.
Cheers!
More information about the tor-dev
mailing list