adns and TOR

Werner Koch wk at gnupg.org
Wed Oct 21 22:00:47 CEST 2015


On Wed, 21 Oct 2015 14:05, jacob at appelbaum.net said:

> Authentication is actually important for Tor but not for obvious
> reasons. We use it to signal that we'd like a new Tor circuit. A

Yeah, someone told me that but to keep things easy I will ignore this
for the first version.  But it needs to be considered for the next
Libassuan release which will have the SOCKS5 code.  Libassuan is the IPC
library but also features a socket wrapper layer.

> Tor, not TOR. Also - if you want to connect to a .onion (eg: our soon

[Okay:  9ffcb77 Change capitalization of TOR to Tor.]

> to be published RFC 7686) - you need to use a proxy that supports it
> OR you need an OS that transparently routes TCP traffic into that
> proxy. If you're not using SOCKS5 (or SOCKS4a) then you're going to
> have trouble resolving .onion names - please see RFC 7686 in the next

Good point.  This needs to be addressed.  I hoped to delay that until I
am ready to move the assuan socket wrappers into libgpg-error (common
code for all GnuPG related projects).  But it seems I need to write
assuan_sock_connect_byname(), which will be a combination of
socket()+connect(), earlier.  However this is not DNS related, or well,
only at a different layer.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list