Opened 7 years ago

Closed 2 years ago

#6600 closed project (implemented)

Write proof-of-concept hidden service chat, email, etc applications

Reported by: mikeperry Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: - Select a component Version:
Severity: Normal Keywords: SponsorZ-large tor-hs
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by mikeperry)

Hidden services don't have to be just for publishing. They are arbitrary communication endpoints.

We could prototype hidden service-based chat and email by bundling local XMPP and SMTP servers for use with Tails.

Client software developed for #6583 could then be used almost as-is to communicate with other hidden service endpoints.

The benefits of hidden service communications are that you do not reveal your social graph to the network or even to any centralized chat or email infrastructure, and you get end-to-end encryption and authentication for free.

The key things that makes this a large project are that we need solid integration with client software, and the XMPP and SMTP servers have to "just work" right out of the box. If this integration and deployment is not seamless, almost no one will use hidden services this way, and the few who manage to do so will not have anyone to communicate with.

Child Tickets

Change History (13)

comment:1 Changed 7 years ago by mikeperry

Description: modified (diff)

comment:2 in reply to:  description ; Changed 7 years ago by aagbsn

Replying to mikeperry:

Hidden services don't have to be just for publishing. They are arbitrary communication endpoints.

We could prototype hidden service-based chat and email by bundling local XMPP and SMTP servers for use with Tails.

Client software developed for #6583 could then be used almost as-is to communicate with other hidden service endpoints.

The benefits of hidden service communications are that you do not reveal your social graph to the network or even to any centralized chat or email infrastructure, and you get end-to-end encryption and authentication for free.

And file transfer will work without proxies. Secure, single-click file transfer that 'just works' would be a nice feature.

The key things that makes this a large project are that we need solid integration with client software, and the XMPP and SMTP servers have to "just work" right out of the box. If this integration and deployment is not seamless, almost no one will use hidden services this way, and the few who manage to do so will not have anyone to communicate with.

Can other XMPP operators be persuaded to install Tor and federate with .onion? SMTP? Can Tor2Web make this happen transparently?

And is there a good way to exchange contact information? On a platform like Android you can use QR-codes to exchange mostly unmemorable usernames (assuming that it's something like username@…), but the desktop experience will probably be more cumbersome.

comment:3 Changed 7 years ago by nickm

Milestone: Tor: unspecified

comment:4 Changed 7 years ago by nickm

Keywords: tor-hs added

comment:5 Changed 7 years ago by nickm

Component: Tor Hidden ServicesTor

comment:6 Changed 7 years ago by mikeperry

See #7085 for discussion of an XPCOM XMPP+OTR implementation. Currently for Firefox, but I think it might be a better fit for Thunderbird?

comment:7 Changed 6 years ago by arma

Summary: Hidden service communicationsWrite proof-of-concept hidden service chat, email, etc applications

comment:8 Changed 6 years ago by arma

Seems like agl's pond is also making headway here.

comment:9 Changed 3 years ago by cass

Severity: Normal

This ticket is tagged SponsorZ, but work seems to have stalled years ago---and I think the need might already have been addressed through other work. Any objections to closing the ticket?

comment:10 Changed 3 years ago by nickm

I think this could be revisited a bit, especially in the email area, but a lot of this has indeed been tried a lot in the last few years.

comment:11 in reply to:  2 Changed 3 years ago by arma

Mike, how much does the Ricochet design resolve your goals here?

(Several prominent jabber servers now offer onion addresses, but you're still using the centralized jabber server even if you're reaching it via an onion address.)

Replying to aagbsn:

And file transfer will work without proxies. Secure, single-click file transfer that 'just works' would be a nice feature.

For this goal there is now onionshare.

comment:12 Changed 2 years ago by nickm

Component: Core Tor/Tor- Select a component

comment:13 Changed 2 years ago by mikeperry

Resolution: implemented
Status: newclosed
Note: See TracTickets for help on using tickets.