On 09/28/2015 01:34 PM, Jeff Burdges wrote:
> On Sun, 2015-09-27 at 22:31 +0000, Jeremy Rand wrote:
>>
>> Hi Jeff,
>>
>> Thanks for working on this; Namecoin is definitely interested in
>> this effort. I have one comment. SPV-based Namecoin clients
>> will, under some circumstances, generate network traffic to
>> other Namecoin P2P nodes containing names being looked up. To
>> avoid linkability, stream isolation should be used so that
>> different Namecoin lookups go over different Tor circuits if the
>> lookups correspond to TCP streams that go over different Tor
>> circuits. (Also, the choice of Namecoin nodes to peer with should
>> be different for each identity.) Therefore, it seems to me that
>> there should be a mechanism for Tor to provide stream isolation
>> information to the naming systems that it calls, along with "new
>> identity" commands.
>>
>> The above issue doesn't affect full Namecoin clients, or SPV
>> Namecoin clients that download the full unspent domain name set.
>> I don't know enough about the GNU Name System to know how this
>> issue affects it, if at all.
>>
>> Thoughts on this?
>
> Yes. I distrust running p2p applications not specifically
> designed for Tor over Tor. The GNU Name System will therefore run
> the DHT process on volunteer Tor exit nodes, much like how DNS
> queries are handled by exit nodes.
>
> Imho, Namecoin should similarly develop a Tor Namecoin shim client
> that contacts special SPV Namecoin clients running on volunteer
> exit nodes. I'm working on a second torspec proposal that adds an
> AnycastExit option to simplify this.
>
> In the long term, there are obviously concerns about bad exit
> nodes, especially if there are only like two exits supporting
> Namecoin or GNS, but currently so few people use GNS or Namecoin
> that we can probably ignore this.

Hi Jeff,

Do I infer correctly that the main intention of this is to decrease
the possibility of attack by a Sybil attack on the Namecoin network,
by making the Namecoin peer selection process have similar properties
to Tor relay selection (which is relatively Sybil-resistant)? (And I
guess this would also eliminate issues where a Tor client connects to
a Namecoin peer who also happens to be his/her guard node.)

If so, I think I cautiously agree that this may be a good idea. (I
haven't carefully considered the prospect, so there may be problems
introduced that I haven't thought about -- but from first glance it
sounds like an improvement over what Namecoin does now, at least in
this respect.)

The issue I do see is that SPV validation doesn't work well unless you
ask multiple peers to make sure that you're getting the chain with the
most PoW. So I gather that this would require connecting to Namecoin
peers running on multiple exit nodes. I don't think that's
problematic, but it would have to be taken into account.

-Jeremy

_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
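
Added illustration of the SPV point raised in the reply above (not part of the original message, and not Namecoin's code): a client that queries several peers should compare cumulative proof-of-work, not header count. It assumes Bitcoin-style compact `nBits` targets; the peer names and header lists are constructed, and header linkage and PoW validity checks are left out.

```python
# Added illustration: SPV-style chain selection across several peers.
# Assumes Bitcoin-style compact difficulty targets ("nBits"); header
# linkage and proof-of-work validity checks are out of scope here.

def target_from_bits(bits: int) -> int:
    """Expand a compact nBits value into the full 256-bit target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF  # top mantissa bit is a sign flag
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def block_work(bits: int) -> int:
    """Expected number of hashes needed to meet the target."""
    return (1 << 256) // (target_from_bits(bits) + 1)

def chain_work(bits_per_header) -> int:
    """Cumulative work of a header chain given each header's nBits."""
    return sum(block_work(b) for b in bits_per_header)

def best_chain(peer_chains: dict) -> str:
    """Return the peer id whose header chain carries the most work."""
    if len(peer_chains) < 2:
        # A single peer can serve a stale or low-work fork unchallenged.
        raise ValueError("need at least two peers to cross-check")
    return max(peer_chains, key=lambda p: chain_work(peer_chains[p]))

# Constructed sample data: per-peer lists of nBits, one per header.
EASY, HARD = 0x1D00FFFF, 0x1C00FFFF     # HARD target is 256x smaller
SAMPLE = {
    "exit-A": [EASY] * 10,              # most headers, least work
    "exit-B": [EASY] * 4 + [HARD] * 2,  # fewer headers, more work
    "exit-C": [EASY] * 4 + [HARD] * 2,  # agrees with exit-B
}

if __name__ == "__main__":
    for peer, chain in SAMPLE.items():
        print(peer, len(chain), "headers, work =", chain_work(chain))
    print("selected:", best_chain(SAMPLE))
```
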