On Wed, 19 Sep 2012 02:05:30 -0400 Gregory Maxwell <[email protected]> wrote:
> It seems to me that there is a common expectation is that onion urls > provide a degree of name privacy— generally, if someone doesn't know > your name they can't find you to connect to you. If someone violates > that expectation it risks harming people until the new risks are well > known (and still even then some, as no matter how well known it is > some people will miss the fact that something enumerates the darn > things) From tor manual: " HiddenServiceAuthorizeClient auth-type client-name,client-name,... If configured, the hidden service is accessible for authorized clients only. The auth-type can either be 'basic' for a general-purpose authorization protocol or 'stealth' for a less scalable protocol that also hides service activity from unauthorized clients. Only clients that are listed here are authorized to access the hidden service. Valid client names are 1 to 19 characters long and only use characters in A-Za-z0-9+-_ (no spaces). If this option is set, the hidden service is not accessible for clients without authorization any more. Generated authorization data can be found in the hostname file. Clients need to put this authorization data in their configuration file using HidServAuth " _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
