"Bernhard R. Fischer" <b...@abenteuerland.at> writes: > On 02.12.19 09:55, grarpamp wrote: >> >> Either HSv2 support must not be allowed to go away, >> or onioncat must be made to work with HSv3. >> Otherwise tor permanently loses a major onionland capability. >> > > Definitely. > > For v3 to integrate smoothly into OnionCat (and similar services), any > kind of external mapping database is necessary (as I already mentioned > in an earlier post). >
Hello there, I appreciate your excitement about onioncat and sympathize with your frustration about support going away. I'd like to find a way to keep on supporting this use case but these things are not easy. They are actually quite hard: > I suggest 2 possible options: > > 1) Integrate v2->v3 lookup mechanism (I call it hs descriptor v2a) into > the HS directory. It should be like a v2 descriptor, but containing the > v3 public id and being signed by the v3 key, which is found in the > according v3 desriptor. > A v2 descriptor cannot be signed by a v3 key, because a v2 descriptors needs an RSA signature and v3 keys are ed25519. This means that v2a would be a brand new descriptor type, which means tons of engineering work (but we already knew that because the lookup algorithm below is also tons of work). At that point it doesn't make sense to call it v2a, you can just call it OnionCatDescriptor. OnionCatDescriptor is a document that can be fetched and verified using the entropy available in an IPv6 onioncat address and somehow redirects you to a v3 descriptor. I know I said that this is tons of work, but everything is tons of work in this life, so if you want to proceed with this project, the next step would be to write a proper Tor proposal on how this would work, then post it in this list and let the fun begin. As a final note and as my personal opinion, I don't think onioncat support is gonna stop v2 deprecation. v2 addresses are 80-bit and can be literally brute-forced and impersonated with the current human technology, so their deprecation is already too late. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
