Re: [tor-dev] Comments on proposal 279 (Name API)

2017-04-05 Thread Jeremy Rand
Hi Nick! Nick Mathewson: > Section 2.1 and elsewhere: > > I suggest that we require all address suffixes to end with .onion; > other TLDs are not reserved like .onion is, and maybe we shouldn't > squat any we haven't squatted already. FWIW it's

[tor-dev] "Anomalous keys in Tor relays" technical report now available

2017-04-05 Thread Laura M. Roberts
Hello, Tor devs! We have just published a (not yet peer-reviewed) technical report entitled "Anomalous keys in Tor relays." https://nymity.ch/anomalous-tor-keys/ The project was inspired by the "Mining Your P's and Q's" paper from Heninger et al., and in it, we take a closer look at the RSA k

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

2017-04-05 Thread Alec Muffett
On 5 April 2017 at 15:11, Ian Goldberg wrote: > I believe the danger Alec was wanting to avoid was that someone (not the > onion service owner) could take an existing onion address, bump the > version number (which wouldn't change the vanity beginning of the > address), and upload the very same d

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

2017-04-05 Thread Ian Goldberg
On Wed, Apr 05, 2017 at 10:02:07AM -0400, David Goulet wrote: > Another thing about this I just thought of. This AONT construction seems wise > to use. But it's still not entirely clear to me why we need a 1bit version > field. Taking this: > > base64( AONT( pubkey || 0x ) || version) > >

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

2017-04-05 Thread David Goulet
On 05 Apr (09:50:38), David Goulet wrote: > On 27 Mar (04:58:34), Ian Goldberg wrote: > > On Mon, Mar 27, 2017 at 01:59:42AM -0400, Ian Goldberg wrote: > > > > To add an aside from a discussion with Teor: the entire "version" field > > > > could be reduced to a single - probably "zero" - bit, in a

Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

2017-04-05 Thread David Goulet
On 27 Mar (04:58:34), Ian Goldberg wrote: > On Mon, Mar 27, 2017 at 01:59:42AM -0400, Ian Goldberg wrote: > > > To add an aside from a discussion with Teor: the entire "version" field > > > could be reduced to a single - probably "zero" - bit, in a manner perhaps > > > similar to the distinctions b

Re: [tor-dev] ***SPAM*** Re: Proposition: Applying an AONT to Prop224 addresses?

2017-04-05 Thread George Kadianakis
Ian Goldberg writes: > On Mon, Apr 03, 2017 at 02:53:17PM +0100, Alec Muffett wrote: >> On 3 April 2017 at 13:04, George Kadianakis wrote: >> >> > I'm calling it weird because I'm not sure how an >> > attacker can profit from being able to provide two addresses that >> > correspond to the same

Re: [tor-dev] Prop279 and DNS

2017-04-05 Thread George Kadianakis
Jeremy Rand writes: > Hello! > > Maybe this topic has already been brought up, but in case it hasn't, > I'll do so. I notice that Prop279 (onion naming API) defines its own > API rather than using DNS. I guess that this is because of securit

Re: [tor-dev] Control-port filtering: can it have a reasonable threat model?

2017-04-05 Thread intrigeri
Nick Mathewson: [...] > 5. tbb.json > Allows "SETEVENTS STREAM" and "GETINFO circuit-status", for which see > "onioncircuits" above. > = > Filters from > https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/etc/tor-controlport-filter.d [...] > 3. tor-browser.yml > As "tbb.