--- On Wed, 11/10/10, Robert Ransom <rransom.8...@gmail.com> wrote:

> Martin Fick <mogul...@yahoo.com> wrote:
>
> > I have a question related to the tor client
> > and hidden service protocol designs which
> > may be relevant? Can a tor client/hidden
> > service sitting behind a NATting router
> > query its router's internet facing public IP
> > from other tor nodes?
>
> Yes. Current Tor relays send the IP address of the other node in a
> NETINFO cell at the beginning of each TLS connection.
>
> > If so, could the
> > protocol be changed to prevent this somehow?
>
> No. This would break both bridges and relays operated behind a NAT,
> even with the ORPort forwarded to the internal IP address on which the
> bridge or relay is listening.

I suspected so. Do you agree that it would be valuable if the change
were possible? It seems like changing the protocol to use another port
(to easily be able to firewall it) to get sensitive info for bridges and
relays might make clients and hidden services much more easily
securable. I realise that this is likely a major change, but if it could
make all tor users much more secure... (would it?)

Thanks,

-Martin
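
The NETINFO exchange described in the quoted reply above, as an added example that is not part of the original thread or of Tor's code: a parser for the cell payload, showing where the peer-observed address appears. It assumes the payload layout given in tor-spec (TIME, OTHERADDR, NMYADDR, then that many addresses, each as ATYPE, ALEN, AVAL); the function names, timestamp and addresses are constructed for illustration.

```python
import ipaddress
import struct

ADDR_LEN = {0x04: 4, 0x06: 16}  # ATYPE -> required ALEN (IPv4, IPv6)

def _read_addr(buf, off):
    """Read one ATYPE|ALEN|AVAL entry; return (address or None, next offset)."""
    if off + 2 > len(buf):
        raise ValueError("truncated address header")
    atype, alen = buf[off], buf[off + 1]
    val = buf[off + 2 : off + 2 + alen]
    if len(val) != alen:
        raise ValueError("truncated address value")
    if atype not in ADDR_LEN:
        return None, off + 2 + alen          # unknown type: skip it
    if alen != ADDR_LEN[atype]:
        raise ValueError("length does not match address type")
    return ipaddress.ip_address(val), off + 2 + alen

def parse_netinfo(payload):
    """Parse a NETINFO payload; trailing zero padding is ignored."""
    if len(payload) < 4:
        raise ValueError("truncated timestamp")
    (timestamp,) = struct.unpack_from(">I", payload, 0)
    other_addr, off = _read_addr(payload, 4)  # receiver's address as the sender sees it
    if off >= len(payload):
        raise ValueError("missing NMYADDR")
    count, off = payload[off], off + 1
    my_addrs = []
    for _ in range(count):                    # the sender's own addresses
        addr, off = _read_addr(payload, off)
        if addr is not None:
            my_addrs.append(addr)
    return {"time": timestamp, "other_addr": other_addr, "my_addrs": my_addrs}

def differs_from_local(info, local_ip):
    """True when the peer-reported address is not the host's own interface address."""
    return info["other_addr"] != ipaddress.ip_address(local_ip)

# Constructed sample: a relay at 198.51.100.20 tells a NATed client that its
# connection arrived from 203.0.113.7 (documentation address ranges).
SAMPLE = (
    struct.pack(">I", 1289347200)
    + bytes([0x04, 4]) + ipaddress.ip_address("203.0.113.7").packed
    + bytes([1, 0x04, 4]) + ipaddress.ip_address("198.51.100.20").packed
).ljust(509, b"\x00")

if __name__ == "__main__":
    info = parse_netinfo(SAMPLE)
    print(info, differs_from_local(info, "192.168.1.50"))
```

The OTHERADDR field is the value a relay behind NAT relies on to learn its externally visible address, which is why the reply says removing it would break NATed bridges and relays.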