<p>For what it's worth, I choose not to run both tahoe and tor at the same time. Both provide services to other people, and the quality of those services is in large part determined by how much upstream bandwidth I let them consume. On a 1mbit upstream home cable connection, I would rather provide one good service than two poor ones.</p>
<p>Thanks,<br>
Eric<br>
</p>
<div class="gmail_quote">On Jul 10, 2012 4:38 AM, "Greg Troxel" &lt;<a href="mailto:gdt@ir.bbn.com">gdt@ir.bbn.com</a>&gt; wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
It seems people are only aware of the last feature because of the<br>
poorly chosen name. IMO, the "hidden" aspect is one of the less<br>
interesting features. I've heard a rumor that there's a proposal to<br>
make a version of this feature which provides the other features<br>
without the hidden part for the benefit of lower latency.<br>
<br>
<br>
An important point is that hidden services consume resources on other<br>
people's systems, and those systems are volunteered for the purpose of<br>
providing anonymity. The use of bittorrent is discouraged over tor, not<br>
because of philosophical objections, but because the tor network can't<br>
really handle the load. So while I think tahoe-lafs should work over<br>
tor, I don't think it's entirely responsible (to the set of people that<br>
volunteer tor relays) to suggest routine use of tor merely for firewall<br>
traversal.<br>
<br>
That said, it seems connecting to hidden services doesn't require exit<br>
relay use, so hidden services tread more lightly on the really scarce<br>
resource; non-exit relays are much easier to come by.<br>
<br>
As for connection capability: onion addresses are an 80 bit substring<br>
of a public key hash, so that's 80 bits of unguessable [1]. The<br>
design doc [2] does not mention a goal such as "undiscoverability"<br>
which would be necessary for capabilities (ie: You can only learn an<br>
onion by generating one or being told one out of band, but not by<br>
sniffing tor introducer or directory service traffic). However, from<br>
chatting with tor devs I believe this may be an implemented feature.<br>
I'm still browsing source code and specs to see if that's true.<br>
<br>
My gut feeling is that it's a bad idea to use tor addresses as<br>
capabilities in a system that needs capabilities from other transports.<br>
Instead, I would treat onion addresses simply as addresses. I see the<br>
point about perhaps eking out a bit of efficiency, but I think it adds<br>
complexity, fragility, and testing difficulty that greatly outweigh the<br>
win.<br>
<br>
<br>_______________________________________________<br>
tahoe-dev mailing list<br>
<a href="mailto:tahoe-dev@tahoe-lafs.org">tahoe-dev@tahoe-lafs.org</a><br>
<a href="https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev" target="_blank">https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev</a><br>
<br></blockquote></div>
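<p>The "80 bit substring of a public key hash" mentioned in the quoted message, as an added example that is not part of the original thread: in the onion address format in use at the time (v2), the label is the base32 encoding of the first 10 bytes of the SHA-1 digest of the service's DER-encoded RSA public key. The function names and the sample key bytes are assumptions made for illustration; the sample bytes are constructed and are not a real key.</p>

```python
import base64
import binascii
import hashlib
import hmac

ONION_V2_BYTES = 10   # 80 bits kept from the 160-bit SHA-1 digest
ONION_V2_CHARS = 16   # 80 bits / 5 bits per base32 character


def onion_v2_from_der(der_pubkey: bytes) -> str:
    """Derive a v2 onion address from a DER-encoded RSA public key."""
    digest = hashlib.sha1(der_pubkey).digest()
    label = base64.b32encode(digest[:ONION_V2_BYTES]).decode("ascii").lower()
    return label + ".onion"


def decode_onion_v2(address: str) -> bytes:
    """Return the 10-byte truncated hash carried by a v2 onion address."""
    host = address.strip().lower().rstrip(".")
    if not host.endswith(".onion"):
        raise ValueError("not an onion address")
    # Only the label directly before ".onion" carries the hash.
    label = host[: -len(".onion")].rsplit(".", 1)[-1]
    if len(label) != ONION_V2_CHARS:
        raise ValueError("v2 onion label must be 16 base32 characters")
    try:
        return base64.b32decode(label.upper())
    except binascii.Error as exc:
        raise ValueError("label is not valid base32") from exc


def address_matches_key(address: str, der_pubkey: bytes) -> bool:
    """Check that an address commits to the given public key."""
    expected = hashlib.sha1(der_pubkey).digest()[:ONION_V2_BYTES]
    return hmac.compare_digest(decode_onion_v2(address), expected)


if __name__ == "__main__":
    # Constructed placeholder bytes standing in for a DER-encoded key.
    sample_key = b"constructed-sample-not-a-real-rsa-key"
    addr = onion_v2_from_der(sample_key)
    print(addr, address_matches_key(addr, sample_key))
```

<p>The check only shows that an address is bound to a key. It says nothing about whether the address can be learned by third parties, which is the "undiscoverability" question raised in the quoted message.</p>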