Opened 2 years ago

Last modified 4 months ago

#21503 new enhancement

ship default MapAddress for at least torproject.org hosts

Reported by: acceleraTor Owned by:
Priority: Low Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Minor Keywords: tor-client mapaddress onion-mapping onion-naming maybe-bad-idea
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Why let people already running Tor connect over exit? Instead make some known working services the default path like HTTPSEverywhere does for TLS, do it for Onions but for everything not only as a browser extension. For example:

MapAddress atlas.torproject.org 52g5y5karruvc7bz.onion

MapAddress aus1.torproject.org x3nelbld33llasqv.onion

MapAddress aus2.torproject.org vijs2fmpd72nbqok.onion

MapAddress bridges.torproject.org z5tfsnikzulwicxs.onion

MapAddress cloud.torproject.org icxe4yp32mq6gm6n.onion

MapAddress collector.torproject.org qigcb4g4xxbh5ho6.onion

MapAddress compass.torproject.org lwygejoa6fm26eef.onion

MapAddress consensus-health.torproject.org tgnv2pssfumdedyw.onion

MapAddress deb.torproject.org sdscoq7snqtznauu.onion

MapAddress dist.torproject.org rqef5a5mebgq46y5.onion

MapAddress exonerator.torproject.org zfu7x4fuagirknhb.onion

MapAddress extra.torproject.org klbl4glo2btuwyok.onion

MapAddress gettor.torproject.org tngjm3owsslo3wgo.onion

MapAddress git.torproject.org dccbbv6cooddgcrq.onion

MapAddress gitweb.torproject.org jqs44zhtxl2uo6gk.onion

MapAddress help.torproject.org 54nujbl4qohb5qdp.onion

MapAddress jenkins.torproject.org f7lqb5oicvsahone.onion

MapAddress metrics.torproject.org rougmnvswfsmd4dq.onion

MapAddress munin.torproject.org hhr6fex2giwmolct.onion

MapAddress nagios.torproject.org kakxayzmcc3zeomu.onion

MapAddress nyx.torproject.org ebxqgaz3dwywcoxl.onion

MapAddress onion.torproject.org yz7lpwfhhzcdyc5y.onion

MapAddress ooni.torproject.org fqnqc7zix2wblwex.onion

MapAddress people.torproject.org sbe5fi5cka5l3fqe.onion

MapAddress research.torproject.org wcgqzqyfi7a6iu62.onion

MapAddress stem.torproject.org vt5hknv6sblkgf22.onion

MapAddress tb-manual.torproject.org dgvdmophvhunawds.onion

MapAddress torrouter.torproject.org ogv7c7bfy2s6rx3b.onion

MapAddress trac.torproject.org ea5faa5po25cf7fb.onion

MapAddress webstats.torproject.org gbinixxw7gnsh5jr.onion

MapAddress www-staging.torproject.org krkzagd5yo4bvypt.onion

MapAddress www.onion-router.net hzmun3rnnxjhkyhg.onion

MapAddress www.torproject.org expyuzz4wqqyqhjn.onion

Still problem would be, if someone not tell hostnames to tor but IP only while connecting by socksport. May possible to even add like the following if IPs are static enough:

MapAddress 86.59.30.40 expyuzz4wqqyqhjn.onion #www.torproject.org

Child Tickets

Change History (4)

comment:1 Changed 2 years ago by acceleraTor

Component: - Select a componentCore Tor/Tor

comment:2 Changed 2 years ago by teor

Milestone: Tor: 0.3.0.x-finalTor: unspecified
Version: Tor: unspecified

This might be a tor browser packaging ticket instead.

comment:3 Changed 2 years ago by nickm

Keywords: mapaddress onion-mapping onion-naming maybe-bad-idea added

comment:4 in reply to:  2 Changed 4 months ago by cypherpunks

Replying to teor:

This might be a tor browser packaging ticket instead.

Sorry, you are talking about "Onion everywhere" #21952. But but shouldn't an self called OnionRouter route to Onions Anywhere ? The torrc Option will allow ALL traffic to go to onion hs not only browser users. This will work fine and transparently for example for debian repos.
DNS (DoH) as Implement into new firefox. Mail Clients. Coin Nodes. Instantmessage/Chat apps. and so on.
Can't we push this via maybe consensus for at least the known own addresses *.torproject.org mappings?

Distinguishing the Circuits
Remember that while one exit node can serve many many different clients, from Website point of view all of that traffic comes from one IP address. This pooling helps cover the malicious traffic among legitimate traffic, but isn’t essential in the security or privacy of Tor. In fact, it can potentially hurt users by exposing their traffic to bad exit nodes!

Another reason is the bandwidth costs of exit node operators. This is an area that we hope this service can offer relief since it shifts traffic from exit nodes to our own servers, reducing exit node operation costs along with it.

Additionally, since like Tor Browser 8.0 makes a new circuit for each hostname when connecting via an .onion alternative service, the circuit number cannot be used to link connections to two different sites together in onion space.

Note: See TracTickets for help on using tickets.