[tahoe-lafs-trac-stream] [Tahoe-LAFS] #1010: anonymous client mode
Tahoe-LAFS
trac at tahoe-lafs.org
Tue Aug 30 07:00:11 UTC 2016
#1010: anonymous client mode
-------------------------+-------------------------------------------------
      Reporter: duck         |      Owner: warner
          Type: enhancement  |     Status: new
      Priority: minor        |  Milestone: 1.12.0
     Component: code-network |    Version: 1.6.1
    Resolution:              |   Keywords: privacy anonymity docs
 Launchpad Bug:              |             anti-censorship forward-compatibility
                             |             i2p-collab i2p tor-protocol
-------------------------+-------------------------------------------------
Changes (by warner):

 * milestone: 1.13.0 => 1.12.0

Comment:

 I think we're ready to add this flag, and then a `tahoe create-client` CLI
 argument to turn it on from the very beginning. So we need to make some
 decisions. I'm going to propose the following. Please let me know what
 you think.

 * `tahoe create-client --anonymous` or `tahoe create-node --anonymous`
   causes `[node] anonymous = true` to be written to `tahoe.cfg`
 * when `[node] anonymous = true`, any of the following problems will cause
   `tahoe start` to throw an exception before any network traffic has
   occurred:
   * `[node] tub.location =` contains any `tcp:` hints
   * `[node] tub.location =` is empty or missing, since that means `AUTO`,
     which means a `tcp:` hint with automatically-detected addresses
   * `[connections]` lacks a `tcp = tor` line, since otherwise introducer
     and server connections could use raw TCP connections

 There are a few other things we might consider adding, but I'm inclined to
 not include them:

 * require all `tub.location` hostnames (for any type of hint) to end in
   `.onion` or `.i2p`
 * require `tub.socks_port` to point at a local host (maybe limit it to
   `127.0.0.1` and `localhost`, or maybe to any RFC1918 address)
 * if `[storage] enabled = false` and `[helper] enabled = false` (i.e.
   we're a pure client), then require `tub.port=` (empty), to forbid the main
   tub from listening at all

 I'm tentatively pulling this into the 1.12 milestone, because I think
 we're close, and it'd be awesome to include proper (client-side) Tor/I2P
 support, and I think this flag is a necessary part of that.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1010#comment:64>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
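
The three startup checks proposed in the comment above, as an added sketch that is not Tahoe-LAFS code and not part of the original message. The names `PrivacyError`, `anonymity_problems` and `check_before_start` are hypothetical, the sample configs are constructed, and treating a literal `AUTO` value like an empty `tub.location` is an assumption.

```python
import configparser

class PrivacyError(Exception):
    """Hypothetical exception: config could expose the node's IP address."""

def anonymity_problems(cfg_text):
    """Return violations of the three proposed checks (empty list = OK)."""
    cfg = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cfg.read_string(cfg_text)
    if not cfg.getboolean("node", "anonymous", fallback=False):
        return []  # the checks apply only when [node] anonymous = true
    problems = []
    location = cfg.get("node", "tub.location", fallback="").strip()
    if not location:
        # empty or missing means AUTO: tcp: hints with detected addresses
        problems.append("tub.location is empty or missing (AUTO)")
    for hint in (h.strip() for h in location.split(",")):
        # Assumption: a literal AUTO value is treated like the empty case.
        if hint.lower().startswith("tcp:") or hint == "AUTO":
            problems.append("tub.location has a non-anonymous hint: " + hint)
    if cfg.get("connections", "tcp", fallback="").strip().lower() != "tor":
        problems.append("[connections] lacks 'tcp = tor'")
    return problems

def check_before_start(cfg_text):
    """Raise before any network traffic if the config fails the checks."""
    problems = anonymity_problems(cfg_text)
    if problems:
        raise PrivacyError("; ".join(problems))

# Constructed sample configs (addresses are placeholders, not real nodes).
GOOD_CFG = """
[node]
anonymous = true
tub.location = tor:constructedexample.onion:3457

[connections]
tcp = tor
"""
LEAKY_CFG = """
[node]
anonymous = true
tub.location = tcp:203.0.113.5:3457,tor:constructedexample.onion:3457
"""

if __name__ == "__main__":
    for name, text in (("good", GOOD_CFG), ("leaky", LEAKY_CFG)):
        print(name, anonymity_problems(text) or "ok")
```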