[tor-dev] Collecting data to demonstrate TCP ISN-based port knocking

2014-05-14 Thread Julian Kirsch
ion of if Knock one day could be used in a large scale. You can find sources, binaries and a more elaborate description here: https://gnunet.org/knock_nat_tester Technical details about Knock and a (somewhat outdated) research paper as well as kernel patches are provided here: https://gnunet.org/knoc

Re: [tor-dev] Detecting if a IP address belongs to a Tor Exit node.

2012-12-04 Thread Julian Yon
On Tue, 04 Dec 2012 18:51:16 +0100 Michael Zeltner wrote: > Excerpts from Julian Yon's message of 2012-12-04 14:10:50 +0100: > > On Tue, 4 Dec 2012 13:25:15 +0100 > > Jorge Couchet wrote: > > > > > I'm working with the ticket 7549 > > > (htt

Re: [tor-dev] Detecting if a IP address belongs to a Tor Exit node.

2012-12-04 Thread Julian Yon
't have to handle any of the hard stuff. Just ping it a request like GET http://onionoo.local/details?search=10.9.8.7&type=relay and parse the returned JSON to check the exit policy. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use)

Re: [tor-dev] Grailo.net is live (but very young)

2012-12-01 Thread Julian Yon
ripts via NoScript; this provides the ability to selectively enable scripting on sites you trust. However, Tor itself is agnostic to what you use it for. If you write an application that can talk to a SOCKS proxy, it can be pointed directly at Tor with no need to interface with the browser. Julian -

Re: [tor-dev] Proposal 205: Remove global client-side DNS caching

2012-11-29 Thread Julian Yon
On Tue, 27 Nov 2012 20:53:03 -0500 Nick Mathewson wrote: > On Tue, Nov 27, 2012 at 10:08 AM, Julian Yon > wrote: > > > > So, perhaps have a cache but only consult it for making decisions > > about whether to use a circuit, not for resolving client requests? > > Alt

Re: [tor-dev] Proposal 205: Remove global client-side DNS caching

2012-11-27 Thread Julian Yon
change to the microdescriptor. Obviously the client can cache this info, and any node which subsequently doesn't honour its declared policy can still be (temporarily?) blacklisted. (Please forgive me if I'm missing something obvious. I'm not yet as familiar with Tor's inner wo

Re: [tor-dev] Proposal 213: Remove stream-level sendmes from the design

2012-11-06 Thread Julian Yon
le compromise: A stream level XOFF/XON instead of SENDME would allow us to save the flow control bandwidth for properly flowing streams and still have a way to deal with stalled ones. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use)

Re: [tor-dev] TBB Gentoo ebuild

2012-08-27 Thread julian
On 08/27/2012 08:26 PM, Matthew Finkel wrote: > > Ah, I apologize, I thought having optional runtime deps were > possible. I also agree that it should be obvious but I've learned > to err on the side of caution, if possible. Optional runtime-ONLY dep

Re: [tor-dev] TBB Gentoo ebuild

2012-08-26 Thread julian
12 Aug 22:56 Mansour Moufid: > Even with webrsync you still have to trust the mirror(s), and then > the Gentoo release infrastructure... Forgive me my bluntness, but how is that different from trusting you? The methods are reliable, being Manifests a

Re: [tor-dev] A modest proposal for a petname system in ideas/xxx-onion-nyms.txt

2012-01-03 Thread Julian Yon
time. At this point the nym can be hijacked as no secret is needed to claim it. Am I missing something? Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use)

Re: [tor-dev] What Should Tor Bridges and Clients Do When They Get Hosed?

2011-11-12 Thread Julian Yon
vices widely used, frequently seen with SSL support, that > handle traffic that kinda looks like Tor's and are easily > implementable, are also welcome. People use SMTP, POP, IMAP, XMPP over SSL (off the top of my head). Not sure any of them look convincingly like web traffic though.

Re: [tor-dev] Proposal: Bridge Detection Resistance against MITM-capable Adversaries

2011-11-08 Thread Julian Yon
ut this but it wasn't clear whether he was intending to write the idea off entirely or whether there was room to explore it further. Julian -- 3072D/D2DE707D Julian Yon (2011 General Use)

Re: [tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells

2011-11-05 Thread Julian Yon
't know enough about this. I'll have to read the documents before I can comment. J -- 3072D/D2DE707D Julian Yon (2011 General Use)

Re: [tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells

2011-11-05 Thread Julian Yon
's certainly subtle. You're left with the problem of what the client should do if it can't authenticate the bridge. It still needs to send something down the pipe that it opened, and the server still needs to respond to that, otherwise the unused connection will look

Re: [tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells

2011-11-04 Thread Julian Yon
t (or just the URL), the shared secret and the bridge's TLS cert. If there's a MITM then the client will compute a different ETag (due to the wrong cert) and can close the connection. Otherwise it can immediately initiate the full authorisation sequence. (NB. I'm not a cryptographer