[tor-dev] Proposal 351: Making SOCKS5 authentication extensions extensible
Nick Mathewson
nickm at freehaven.net
Tue Sep 10 18:04:48 UTC 2024
On Tue, Sep 10, 2024 at 9:25 AM Q Misell via tor-dev
<tor-dev at lists.torproject.org> wrote:
>
> Is there a reason why this proposal extends the existing username/password auth, instead of defining a new SOCKS5 authentication type? c.f. https://datatracker.ietf.org/doc/html/rfc1928#section-3
Indeed there is! The one I was thinking of the most is this:
"Our use of SOCKS5 Username/Passwords here (as opposed to some other,
new authentication type) is based on the observation that many
existing SOCKS5 implementations support Username/Password, but
comparatively few support arbitrary plug-in authentication."
In other words, almost any application that has a working SOCKS5
library can use this system, whereas if we were to define a new
authentication type, nearly every application would need to patch
their SOCKS5 library, since most SOCKS5 libraries don't let you define
new authentication types.
This wouldn't be so bad for applications that implement SOCKS5
themselves, of course.
--
Nick
More information about the tor-dev
mailing list