Tor2web should connect to HSDirs over a 3-hop path

This avoids denial of service by HSDirs.

changed milestone to %Tor: unspecified

added component::core tor/tor milestone::Tor: unspecified parent::17945 points::1 priority::medium resolution::wontfix severity::normal status::closed tor-hs tor2web type::defect labels

Trac:
Status: new to assigned
Component: Core Tor/DocTor to Core Tor/Tor
Owner: atagar to N/A

Milestone renamed

Trac:
Milestone: Tor: 0.2.??? to Tor: 0.3.???

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

Trac:
Keywords: N/A deleted, tor-03-unspecified-201612 added
Milestone: Tor: 0.3.??? to Tor: unspecified

Remove an old triaging keyword.

Trac:
Keywords: tor-03-unspecified-201612 deleted, N/A added

Change the status of all assigned/accepted Tor tickets with owner="" to "new".

Trac:
Status: assigned to new

And it avoids HSDirs knowing the IP addresses of clients.

This is fixed for HSv3 in #22688 (moved).

Trac:
Parent: N/A to #17945 (moved)

I'm personally very reluctant to touch the Tor2web code because I seriously don't want to encourage anyone running this not now not after, never.

And this is also basically touching code that is never tested on our side nor even packaged by distros. So even shipping Tor2web code in tor today is imo border line reckless.

Regardless of my hate of Tor2web ;), I might prefer much more that HSDir defends against that with #24964 (moved) so we can avoid a DoS attack.

At least right now, clients fetching descriptor directly from HSDir are putting less load on the network.

Thoughts?

Trac:
Status: new to needs_information

Tor2web should be formally deprecated.

Trac:
Status: needs_information to closed
Resolution: N/A to wontfix

closed

changed time estimate to 8h

mentioned in issue #20132 (moved)

mentioned in issue #22688 (moved)

moved to tpo/core/tor#20104 (closed)

mentioned in issue tpo/core/tor#20132 (closed)