Opened 12 months ago

Last modified 9 months ago

#27953 reopened defect

Authorization types for v3 onion service have to be clarified in documentation

Reported by: geoip
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: tor-spec, tor-hs, hs-auth
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Problem 1. Official spec mentions stealth auth:

[TODO: Also specify stealth client authorization.].

However, stealth auth is only used for v2 onion services. It should be fixed.


Problem 2. According to teor's comment, the following auth types were planned: 'descriptor', 'intro', and 'standard'. However, only the 'descriptor' type is documented by the spec (the man page for tor alpha refers to the spec for details). The other auth types are not documented at all, though the spec gives a strong impression that 'descriptor' is only one of several possible authentication types.

If the Tor project already has some understanding of these planned future auth types, they must be described at least in tickets. If that is not the case, we should write somewhere (e.g. in the man page, which now refers to the spec) that 'descriptor' is the only auth type which will be supported in the foreseeable future.

Child Tickets

Change History (5)

comment:1 Changed 12 months ago by dgoulet

Keywords: tor-spec added
Milestone: Tor: unspecified
Reviewer: dgoulet
Type: enhancement → defect

comment:2 Changed 12 months ago by dgoulet

Keywords: tor-hs added
Version: Tor: 0.3.5.1-alpha

comment:3 Changed 12 months ago by traumschule

Keywords: hs-auth added

Let onion service authorization-related tickets know of each other.

https://gitweb.torproject.org/torspec.git/tree/rend-spec-v3.txt#n615

> [TODO: Also specify stealth client authorization.]
> (NOTE: client authorization is not implemented as of 0.3.2.1-alpha.)

comment:4 Changed 11 months ago by teor

Parent ID: #28026
Resolution: duplicate
Status: new → closed

I think #28026 fixes this issue.

If not, please re-open this ticket and let us know what the remaining issues are.

comment:5 in reply to: 4 Changed 9 months ago by geoip

Parent ID: #28026
Resolution: duplicate
Status: closed → reopened

Replying to teor:

> If not, please re-open this ticket and let us know what the remaining issues are.

It is good that we now have a CLIENT AUTHORIZATION section in man torrc, but all the other issues I reported in this ticket are still in place.

> [TODO: Also specify stealth client authorization.]
>
> However, stealth auth is only used for v2 onion services. It should be fixed.

It is still in the spec. It is still not stated which HS type (v2 or v3 or both) it is applicable to. This "TODO" still needs to be done, if stealth auth is applicable to v3.

> According to teor's comment the following auth types were planned: 'descriptor', 'intro', and 'standard'. However, only the 'descriptor' type is documented by the spec (the man page for tor alpha refers to the spec for details). The other auth types are not documented at all, though the spec gives a strong impression that 'descriptor' is only one of several possible authentication types.

How was it addressed? Can you give a clear and concise description of the auth types? Do you still plan to add other auth types? Are they needed? How are they related to each other? It is not described anywhere.

It is good that the man page now clearly states that "descriptor" is the only supported type. But I'd also like to see, in the spec or somewhere else, something about the prospects for other auth types.

man torrc says

> Each file MUST contain one line only. Any malformed file will be ignored.

which is incompatible with the spec (G.1.2, G.1.3):

> Tor SHOULD ignore lines it does not recognize.

> The third party tool SHOULD add appropriate headers to the private key file to ensure that users won't accidentally give out their private key.

As you see, headers should be supported, but ignored by tor. Instead, you write in man torrc that the auth file must contain only one line.

G.2.1:

> [XXX figure out control port command format]

Must be described.

In the spec, in G.2.2, the syntax of the commands IMPORT_ONION_CLIENT_AUTH_DATA and GENERATE_ONION_CLIENT_AUTH_DATA is not described. In control-spec they are not described either. Are they implemented?

> [XXX what happens when people use both the control port interface and the filesystem interface?]

If even the spec doesn't know how tor works, how can users know?

I had to remove the reference to the parent ticket because I cannot reopen this ticket with that reference.

Last edited 9 months ago by geoip
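To make the conflict between the man torrc rule and the spec rule quoted in comment 5 concrete, here is an added Python example (not Tor's code and not from this ticket) that parses an authorized-client key file under each rule; the line shape `descriptor:x25519:<base32 key>` is assumed from the rend-spec-v3 appendix the comment cites, and the header lines, tool name and key are constructed samples.

```python
import base64
import re
from typing import Optional

# Line shape assumed from the rend-spec-v3 section the comment cites:
#   <auth-type>:<key-type>:<base32 key without '=' padding>
LINE_RE = re.compile(r"^(?P<auth>[a-z]+):(?P<key>[a-z0-9]+):(?P<b32>[A-Za-z2-7]+)$")
SUPPORTED_AUTH_TYPES = {"descriptor"}  # the only type the man page documents
SUPPORTED_KEY_TYPES = {"x25519"}
KEY_LEN = 32                           # an x25519 key is 32 bytes

def _b32decode_unpadded(s: str) -> bytes:
    """Decode base32 written without '=' padding (pad to a multiple of 8)."""
    return base64.b32decode(s + "=" * (-len(s) % 8), casefold=True)

def parse_auth_file(text: str, strict_single_line: bool) -> Optional[bytes]:
    """Return the 32-byte key from an auth file, or None if the file is rejected.
    strict_single_line=True applies the man torrc rule ("Each file MUST contain
    one line only. Any malformed file will be ignored"); False applies the spec
    rule ("Tor SHOULD ignore lines it does not recognize"), so tool-added
    header lines are skipped instead of invalidating the file.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if strict_single_line and len(lines) != 1:
        return None
    key = None
    for ln in lines:
        m = LINE_RE.match(ln)
        if m is None:
            if strict_single_line:
                return None      # malformed file: ignored as a whole
            continue             # unrecognized line (e.g. a header): skipped
        if m["auth"] not in SUPPORTED_AUTH_TYPES or m["key"] not in SUPPORTED_KEY_TYPES:
            return None          # recognized shape but unsupported type: reject
        try:
            raw = _b32decode_unpadded(m["b32"])
        except ValueError:       # binascii.Error is a ValueError subclass
            return None
        if len(raw) != KEY_LEN or key is not None:
            return None          # wrong key size, or a second key line
        key = raw
    return key

# Constructed sample: the key line alone, and with the headers a tool might add.
SAMPLE_KEY = bytes(range(32))
SAMPLE_B32 = base64.b32encode(SAMPLE_KEY).decode().rstrip("=")
FILE_SINGLE_LINE = f"descriptor:x25519:{SAMPLE_B32}\n"
FILE_WITH_HEADERS = ("# generated by hypothetical-keytool (constructed sample)\n"
                     "# This file holds a private key. Do not share it.\n" + FILE_SINGLE_LINE)
```

Under the man page rule the file with headers is silently dropped, while under the spec rule the same file yields the key; that is the incompatibility the comment points at.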