#23260 closed enhancement (wontfix)

Encoding onion key creation date in the url

Reported by: cypherpunks Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor Version:
Severity: Normal Keywords: prop224 needs-design tricky
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

This is a modest suggestion for the new 52 chars onion urls. If it is possible to encode the creation date of the onion private key in the public onion url, it would help a bit in allowing the users to detect if an onion url is the real deal or if it is a phishing url. Reasoning is the older url would most likely be the genuine url.

Child Tickets

Change History (5)

comment:1 Changed 22 months ago by nickm

Keywords: prop224 needs-design tricky added
Milestone: Tor: 0.3.2.x-final

How would that be authenticated? That is, if I see an address that says it was created on August 1, how do I know that's true?

I'm putting this into 0.3.2.x since that's our last chance to change the .onion address format for a while, but I'm thinking we probably won't be able to get it to work on time unless there's an easy way to do it

comment:2 Changed 22 months ago by dgoulet

Status: newneeds_information

I also don't see how encoding the creation date of the .onion key in the address will allow a user to distinguish a real address or a phishing one... ?

comment:3 Changed 22 months ago by cypherpunks

@dgoulet If you could please have a look at 7cbqhjnlkivmigxf.onion

It is an index of .onion addresses with the first seen date of each onion shown in parenthesis.

As an example, if you search for the onion crate, you'll see three similar looking links but differing first seen dates.

The onion crate - Tor hidden service index

7cbqhjnlkivmigxf.onion (2016-06-11) (Verified)
7cbqhjnpcgixggts.onion (2016-10-10) (Phishing link)
7cbqhjnlkikwzipx.onion (2017-08-11) (Phishing link)

I think the users would be better off if they can verify that 7cbqhjnlkivmigxf is indeed the oldest key of those 3 and therefore the original.

comment:4 Changed 22 months ago by nickm

Milestone: Tor: 0.3.2.x-finalTor: unspecified

please see my questions above; I think this might not be as possible as you think it is. But if it _is_ possible, I want to know how. ;)

comment:5 Changed 10 months ago by nickm

Resolution: wontfix
Status: needs_informationclosed
Note: See TracTickets for help on using tickets.