On 12/10/19, George Kadianakis <desnac...@riseup.net> wrote: > As a final note and as my personal opinion, I don't think onioncat > support is gonna stop v2 deprecation. v2 addresses are 80-bit and can be > literally brute-forced and impersonated with the current human > technology, so their deprecation is already too late.
To be clear for users... "deprecation" = arbitrary permanent forced shutdown and removal of all v2 onions, use cases, applications, user preferences, etc therein. As to "80-bit" and other v2 vs v3 differences not denoted above (see "table" below), those aren't actually sufficient reasons to kill v2, when, again, ... From the perspective of users who select to use v2 pursuant to evaluation of its features, tradeoffs, security, etc... v2 is NOT a problem for them. For example... Bittorrent file distribution clouds operating entirely within onionland (no exit). BT protocol already rejects bad nodes, data that doesn't match infohash, etc. Also such evaluation will have obviously noted that BT over any overlay network, is far more resistant to censorship, even say to MAFIAA for those demonstrating the pointlessness of Copyright Regimes), etc... than over clearnet. Comparatively speaking, tor+OnionCat offers a huge win for BT users in some of those areas. Other P2P protocols may have similar semantics, and enjoy similar benefits... cryptocurrency, distributed filesystems, YouTube replacements, etc. VoIP... users already know the voice of their peer, the context of convo, and other authentication keys. For general non-critical casual usage... social convos among friends over tor using existing softphone apps (utilizing: IPv6/UDP)... no one really cares. Being able to run whatever apps they want over the general protections afforded by any overlay network is more important. There are many use cases in which any tradeoffs between v2 and v3 regarding "80-bit" "presence" "harvesting" etc are either 100% superceded by the need for IPv6/UDP in the users particular use case, or are further offset due to the users use case not needing such levels of security. That choice is up to the users to make, not Tor. Rather than arbitrarily killing v2, a better way to go is... Set v3 to be the default and promoted version. Bring v2 up to date as close as possible to v3 in both code diffs and security design semantics. Split out and modularize v2 wherever it may be entangled with and holding up other code and design areas. Provide an unbiased and complete comparison table of all the v2 vs v3 tradeoffs, features, design, use cases. Point v2 client and HSDir manpage sections to the table, ship the table in the docs, onsite, etc. Relay nodes can participate in supporting the onion community via their role in v2 HSDir function as always. Community of v2 could maintain v2 as a module if desired. Alternatively, create a v4 that can integrate with or provide what OnionCat does (network interface for raw IPv6 transport including UDP support over tor onionland). > work Tor has a multi-$Million dollar budget, so that's not much argument against v2 or anything else. Especially compared to other similar and sized projects with far less or no funds. A side layer may develop. Another overlay network may also do things. Use cases and acceptable tradeoffs do exist for both v2 and v3. While that remains the case, killing off either of them would seem questionable. Here are some fun use cases for tor, and other overlay networks, that users are free to build, some of which may require OnionCat... https://www.torproject.org/ https://www.onioncat.org/ git://erdgeist.org/opentracker https://transmissionbt.com/ https://ceph.io/ https://en.wikipedia.org/wiki/LizardFS https://bitcoin.com/ https://en.wikipedia.org/wiki/Tox_(protocol) https://en.wikipedia.org/wiki/Comparison_of_VoIP_software https://en.wikipedia.org/wiki/Comparison_of_instant_messaging_clients https://en.wikipedia.org/wiki/Comparison_of_instant_messaging_protocols https://en.wikipedia.org/wiki/List_of_SIP_software https://en.wikipedia.org/wiki/Clustered_file_system#Distributed_file_systems https://en.wikipedia.org/wiki/List_of_file_systems#Distributed_parallel_fault-tolerant_file_systems Have fun :) -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk