[tor-dev] DNS resolution isolation in Tor Browser
teor
teor2345 at gmail.com
Fri Jun 15 01:58:15 UTC 2018
> On 15 Jun 2018, at 09:16, nusenu <nusenu-lists at riseup.net> wrote:
>
>
> Thanks for the replies.
>
>
> Does tor simply assume (try) that the exit policy allows the destination
> address (not the port) or does it check the exit policy before selecting
> the circuit?
> (in that case it would have to know the destination IP
> before building or at least selecting the circuit to use)
Most tor clients use microdescriptors, which only contain a port summary:
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n1494
Clients check the port, and assume that the DNS name will resolve to an IPv4
address allowed by the exit.
T
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20180615/4628e4ed/attachment.html>
More information about the tor-dev
mailing list