Re: [tor-dev] Constraining Ephemeral Service Creation in Tor

2016-09-29 Thread bancfc
On 2016-09-29 08:38, teor wrote: On 28 Sep 2016, at 07:59, ban...@openmailbox.org wrote: Hello, We are working on supporting ephemeral onion services in Whonix and one of the concerns brought up is how an attacker can potentially exhaust resources like RAM. CPU, entropy... on the Gateway (or s

Re: [tor-dev] prop224: Ditching key blinding for shorter onion addresses

2016-09-29 Thread Jeff Burdges
On Wed, 2016-09-28 at 19:45 -0400, Jesse V wrote: > I am curious, what is your issue with the subdomains? Are you > referring to enumerating all subdomains, or simply being able > to confirm that a particular subdomain exists? Yes, confirmation of subdomans can become a problem in some contexts w

Re: [tor-dev] Reducing initial onion descriptor upload delay (down to 0s?)

2016-09-29 Thread teor
> On 29 Sep 2016, at 08:06, Ivan Markin wrote: > > teor: >> Submit a patch on the ticket that changes the interval to 5 seconds, and >> see if it gets accepted before the code freeze: >> https://trac.torproject.org/projects/tor/ticket/20082 >> >> It would help to come up with a reasoned argumen

Re: [tor-dev] Reducing initial onion descriptor upload delay (down to 0s?)

2016-09-29 Thread Ivan Markin
teor: > Submit a patch on the ticket that changes the interval to 5 seconds, and > see if it gets accepted before the code freeze: > https://trac.torproject.org/projects/tor/ticket/20082 > > It would help to come up with a reasoned argument why 5 seconds is better > than 30 seconds, and why it can

Re: [tor-dev] Reducing initial onion descriptor upload delay (down to 0s?)

2016-09-29 Thread isis agora lovecruft
meejah transcribed 2.0K bytes: > Ivan Markin writes: > > > IMO an onion service should publish its first descriptor instantly. If > > something happens afterwards and one has to fix the descriptor - deal > > with it with backoff/delay to prevent DoS on HSDirs. > > +1 > > txtorcon only ever wait