Delivery-Date: Mon, 20 Jul 2015 20:32:02 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id BBC771E07F2;
	Mon, 20 Jul 2015 20:32:00 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id A06D034778;
	Tue, 21 Jul 2015 00:31:54 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id CA042342D4
 for <tor-talk@lists.torproject.org>; Tue, 21 Jul 2015 00:31:50 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 35RaNr4uBvp6 for <tor-talk@lists.torproject.org>;
 Tue, 21 Jul 2015 00:31:50 +0000 (UTC)
Received: from mailhost.cotse.com (mail.cotse.net [66.203.85.58])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id ABECE33F07
 for <tor-talk@lists.torproject.org>; Tue, 21 Jul 2015 00:31:50 +0000 (UTC)
Received: from out.packetderm.com (out.packetderm.com [66.203.85.62])
 by mailhost.cotse.com (8.14.8/8.14.5) with ESMTP id t6L0VlFj081844
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
 for <tor-talk@lists.torproject.org>; Mon, 20 Jul 2015 20:31:47 -0400 (EDT)
 (envelope-from tortalk@couldbe.securecoffee.com)
Received: from localhost (localhost[127.0.0.1]) (authenticated bits=0)
 by smtp (5.7.4/5.7.4) with ESMTP id t6L0Vknn087134
 for <tor-talk@lists.torproject.org>; Mon, 20 Jul 2015 20:31:46 -0400 (EDT)
 (envelope-from tortalk@couldbe.securecoffee.com)
Received: from HTTP by 127.0.0.1 with HTTP; Mon, 20 Jul 2015 20:31:47 -0400
Message-ID: <MTAwMDAzMy5jb3VsZGJl.1437438707@quikprotect>
In-Reply-To: <07b401d0c31b$5347c490$f9d74db0$@gmail.com>
References: <MTAwMDAzNS5jb3VsZGJl.1437415566@quikprotect>
 <07b401d0c31b$5347c490$f9d74db0$@gmail.com>
Date: Mon, 20 Jul 2015 20:31:47 -0400
From: "me" <tortalk@couldbe.securecoffee.com>
To: tor-talk@lists.torproject.org
MIME-Version: 1.0
Importance: Normal
Subject: Re: [tor-talk] Hidden Service and exit circuit questions?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>



>> can an exit node initiate contact with my HS without ever going through a
> rendezvous
>
> No, there is a handshake process needed to establish a Tor connection
> between the two machines, and that handshake only works through the
> rendezvous point.  See
>
> https://www.torproject.org/docs/hidden-services.html.en
>
> https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt

Yeah I understand that's the way it's "intended" to work, but:

   https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt

       ... 1.11. Creating streams

   ...From then on, Bob's OP treats the stream as an
   ordinary exit connection.
   [ Except he doesn't include addr in the connected cell or the end
     cell. -RD]

   Alice MAY send multiple RELAY_COMMAND_BEGIN cells along the circuit, to open
   multiple streams to Bob. ...

Since there is already an established circuit between the machine running the
Tor service and an exit node, I'm thinking that the exit node may be able to
use the existing circuit to access the HS port over the 3-hop circuit without
ever going through the normal 6-hop rendezvous?

Can an exit node initiate a stream back? I understand that the newest nmap
will support scanning through Tor. Will exit nodes be able to scan back?

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

