On 14 October 2017 at 19:43, dawuud
<dawuud@riseup.net> wrote:
Plaintext communications intermediaries like tor2web violate the end
to end principle and the principle of least authority. If we as the
Tor community are committed to human rights then it follows we would
abolish terrible things like tor2web or at least frown upon it's use.
I would recommend continuing to enable/support Tor2Web, or at least not moving to make such a solution inoperable.
v2 onion service Tor2web would be easy for HSDirs to block, due to an
implementation bug. We've chosen not to block it. But we haven't spent
much time on fixing its bugs, either.
As far as I am aware, no-one is writing Tor2web for v3 onion services.
We have open tickets for protecting relays that handle onion service traffic
from knowing both the client and service IP address.
So if anyone does write v3 Tor2web, they will need to write it so it:
* uses a 3-hop path for all descriptors, because otherwise that can be used
for a selective denial of service;
* uses a 3-hop path to connect to intro and rend when a descriptor has the
single onion service flag;
* retry using a 3-hop path on failure (internal reachability or actual connection
failure)
And I'm not sure whether we would merge this feature into core tor, due to the
user security issues that David and others have mentioned.
T