From: "Allen" <allenpmd@gmail.com>
To: <tor-talk@lists.torproject.org>
Date: Wed, 27 May 2015 08:49:51 -0400
Message-ID: <02a901d0987b$a01eb230$e05c1690$@gmail.com>
Subject: [tor-talk] isolating multiple server requests

I have a client application that uses Tor to communicate with several servers.
For privacy reasons, it is important that after each request, the client
starts with a "fresh slate" so the server is not able to tell that the next
request is coming from the same client.  (Note that after the client
restarts its session with a particular server, it will never use the
previous session again.)

It is my vague understanding there might be three ways to accomplish this:

1. The client can make a new connection to the Tor proxy with a new unique
username, see
https://gitweb.torproject.org/torspec.git/tree/socks-extensions.txt.  My
concern here is that over time, the Tor proxy will build up a long list of
prior usernames that are never going to be used again.

2. The client can send Tor proxy a NEWNYM signal on its control port.  My
concerns here are that:

a. The spec implies Tor proxy might ignore that signal, see
https://gitweb.torproject.org/torspec.git/tree/control-spec.txt

b. It is not clear to me how to be certain when the request has completed
and it is safe to attempt a new connection.

c. That would reset circuits to all servers, including some circuits that
might be in use.  While I don't think that would result in an error, it
would slow down those requests and make Tor do unnecessary work to
reestablish circuits.

3. The client can somehow talk directly to the Tor controller to establish
new circuits.  My concern here is the complexity and potential to make a
programming mistake that leads to information disclosure.

What is the best approach in this situation?
 
Thanks much.


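Option 1 from the message above, as an added example (not code from the original post or from the Tor Project): each request authenticates to the SOCKS port with a random username and password that is never used again. It assumes a Tor SocksPort on 127.0.0.1:9050 with the default IsolateSOCKSAuth behaviour; all function names are hypothetical.

```python
import secrets, socket, struct

def fresh_credentials():
    """Random username/password used for exactly one request, then discarded."""
    return secrets.token_hex(16), secrets.token_hex(16)

def socks5_greeting():
    return b"\x05\x01\x02"  # VER=5, NMETHODS=1, METHOD=0x02 (username/password)

def socks5_auth(username, password):
    # RFC 1929: VER=1, ULEN, UNAME, PLEN, PASSWD; each field is 1..255 bytes
    u, p = username.encode(), password.encode()
    if not (0 < len(u) <= 255 and 0 < len(p) <= 255):
        raise ValueError("username and password must be 1..255 bytes")
    return bytes([1, len(u)]) + u + bytes([len(p)]) + p

def socks5_connect(host, port):
    # ATYP=3 (domain name): the proxy resolves the name, so no local DNS lookup.
    # bytes() raises ValueError if the encoded name is longer than 255 bytes.
    h = host.encode("idna")
    return b"\x05\x01\x00\x03" + bytes([len(h)]) + h + struct.pack(">H", port)

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def open_isolated(host, port, proxy=("127.0.0.1", 9050)):
    user, password = fresh_credentials()  # new SOCKS auth for every request
    s = socket.create_connection(proxy, timeout=60)
    try:
        for msg, ok in ((socks5_greeting(), b"\x05\x02"),
                        (socks5_auth(user, password), b"\x01\x00")):
            s.sendall(msg)
            if _recv_exact(s, 2) != ok:
                raise ConnectionError("proxy rejected username/password auth")
        s.sendall(socks5_connect(host, port))
        _ver, rep, _, atyp = _recv_exact(s, 4)
        if rep != 0:
            raise ConnectionError(f"SOCKS5 connect failed, reply code {rep}")
        alen = {1: 4, 4: 16}.get(atyp) or _recv_exact(s, 1)[0]
        _recv_exact(s, alen + 2)  # discard BND.ADDR and BND.PORT
        return s
    except Exception:
        s.close()
        raise
```

The socket returned by `open_isolated` carries one request; the caller closes it and calls `open_isolated` again for the next request rather than reusing the connection or the credentials.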

