[tor-dev] [RFC] control-spec: Specify add/remove/view client auth commands (client-side).
George Kadianakis
desnacked at riseup.net
Mon May 6 17:04:51 UTC 2019
Mark Smith <mcs at pearlcrescent.com> writes:
> On 5/6/19 11:19 AM, George Kadianakis wrote:
>> Hello list,
>>
>> here is a control spec patch for adding v3 client auth commands to
>> add/remove/view clients from the client-side (so Tor Browser -> Tor):
>> https://github.com/torproject/torspec/pull/81/commits/3a26880e80617210b4729f96664ef9f0345b0b7c
>>
>> I'm currently unhappy with the naming of those commands, and in general
>> with how easy it is to confuse them with the (non-existent) service-side
>> commands. I'm wondering how to name them better so that when we add the
>> respective service-side commands (at some point we should) there is no
>> confusion.
>>
>> Let me know what you think!
>
> Thanks for working on this. I have a couple of comments:
>
> 1. How does Permanent get set? Should there by an option added to
> ADD_ONION_CLIENT_AUTH to let the client say "store this on disk"?
>
Yes we do want that! We just thought it adds to engineering complexity and
it shouldn't get in as part of the first implementation (i.e. as an s27-must).
I will still add it to the spec, and just not implement it.
> 2. For VIEW_ONION_CLIENT_AUTH it would be nice if the HSAddress
> parameter was optional. We may want to build an interface that allows
> users to see all of their keys and choose which ones to remove, etc.
>
Good point! Will do.
Will probs have a revision for this list tomorrow!
More information about the tor-dev
mailing list