Hi, So I was thinking, perhaps incorrectly, that ng-rend-spec doesn't do enough to protect very public onion services. Sure, there are advantages to the proposed changes. What if the adversary is also someone who can derive the credentials? Encrypted descriptors don't do much if you can throw SIGINT at HSDirs to determine when they're used. Even less if you happen to be a HSDir who knows a list of public onion services and you want to know if you're in possession of any of their descriptors. If you happen to be using OnioNS you've got another contributing factor in the form of the onion service lookup leaking intent to resolve.
Tell me I'm just being paranoid. --leeroy -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
