Delivery-Date: Tue, 26 Jan 2016 13:32:07 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD,URIBL_DBL_SPAM autolearn=no version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id ECD311E041B;
	Tue, 26 Jan 2016 13:32:04 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 5B33B38D2E;
	Tue, 26 Jan 2016 18:32:00 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 6010C38AB2
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 18:31:57 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id iQTeh3FQh1yK for <tor-talk@lists.torproject.org>;
 Tue, 26 Jan 2016 18:31:57 +0000 (UTC)
Received: from w1.tutanota.de (w1.tutanota.de [81.3.6.162])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.tutanota.de",
 Issuer "StartCom Class 2 Primary Intermediate Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 2BBF121543
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 18:31:57 +0000 (UTC)
Received: from localhost (unknown [127.0.0.1])
 by w1.tutanota.de (Postfix) with ESMTP id 0344FFA7BAA
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 18:31:54 +0000 (UTC)
Received: from w1.tutanota.de ([127.0.0.1])
 by localhost (w1.tutanota.de [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id C1tGtK67j9fu for <tor-talk@lists.torproject.org>;
 Tue, 26 Jan 2016 18:31:50 +0000 (UTC)
Received: from w1.tutanota.de (unknown [127.0.0.1])
 by w1.tutanota.de (Postfix) with ESMTP id B4C66FA7BDC
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 18:31:50 +0000 (UTC)
Date: Tue, 26 Jan 2016 18:31:50 +0000 (UTC)
From: <populationsteamsir@tutanota.com>
To: Tor Talk <tor-talk@lists.torproject.org>
Message-ID: <K8zCB59--3-0@tutanota.com>
MIME-Version: 1.0
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: [tor-talk] onion routing MITM
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

I'm new to tor, trying to understand some stuff.

I understand the .onion TLD is not an officially recognized TLD, so it's not 
resolved by normal DNS servers. The FAQ seems to say that tor itself resolves 
these, not to an IP address, but to a hidden site somehow.

When I look at thehiddenwiki.org, I see a bunch of .onion sites, with random 
looking names. Why is this? What if someone at thehiddenwiki.org registered a 
new .onion site (for example http://somerandomletters.onion), which then 
relayed traffic to duck-duck-go (http://3g2upl4pq6kufc4m.onion)? 
Thehiddenwiki could give me the link http://somerandomletters.org, and of 
course I would never know the difference between that and 
http://3g2upl4pq6kufc4m.onion

Without trusting a CA to validate a site name, what prevents MITM attacks? Am 
I supposed to get the duckduckgo URL from a trusted friend of mine, and then 
always keep it?
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

