Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
users:toxdns [2017/07/11 20:00] aklyn outline the actual problems and what the page got wrong |
users:toxdns [2018/03/15 19:00] nurupo ToxDNS has been fully phased out: almost no client supports it and toxcore 0.2.0 has dropped libtoxdns |
||
---|---|---|---|
Line 1: | Line 1: | ||
===== ToxDNS ===== | ===== ToxDNS ===== | ||
- | ToxDNS is a tox ID-to-name mapping service. It allows users to shorten their regular, somewhat long, Tox IDs, with short and readable IDs, that closely resemble the format of an email address. An example of a ToxDNS service in use is **groupbot@utox.org**, Which when added, resolves to the full ID ('' | + | ToxDNS is a tox ID-to-name mapping service. It allows users to shorten their regular, somewhat long, Tox IDs, with short and readable IDs, that closely resemble the format of an email address. An example of a ToxDNS service in use is **groupbot@example.org**, Which when added, resolves to the full ID ('' |
ToxDNS servers are [[https:// | ToxDNS servers are [[https:// | ||
- | [The " | + | **ToxDNS |
+ | |||
+ | It's also planned that libtoxdns would be removed from TokTok' | ||
==== What you might want to know about ToxDNS ==== | ==== What you might want to know about ToxDNS ==== | ||
Some people have some concerns about how ToxDNS services could be used maliciously, | Some people have some concerns about how ToxDNS services could be used maliciously, | ||
- | |||
- | [The main concern is not denial of service but the lack of reliability of the result of a " | ||
- | |||
- | The argumentation below is both incomplete and misleading, but I leave the text as it was for reference; MITM by hijacking on the network level at a name/id lookup is not mentioned; impersonation by preregistering a rogue id is not mentioned; impersonation by guessing a password is referred to as MITM which is hardly fair; a malicious or compromised server which at will redirects certain lookups to rogue ids is not mentioned; all of these lead not only to the possibility of talking to a wrong party but for MITM while talking to the right party (!), which is not possible to exclude -- aklyn] | ||
**Impersonating a user(MITM) by switching the Tox ID associated with the username:** If someone compromised your account on a ToxDNS Service or a server hosting ToxDNS records, they might be able to replace the Tox ID associated with the username. New users looking up a Tox ID using the compromised username would be directed to the wrong Tox ID. To minimize the chance of such a thing occurring, use a long, unique, random password for your ToxDNS account, and set the ID to be unchangable if the server supports it. This will not connect you with your intended friend and it does not give anyone access to your private key or any current or previous chat sessions keys. | **Impersonating a user(MITM) by switching the Tox ID associated with the username:** If someone compromised your account on a ToxDNS Service or a server hosting ToxDNS records, they might be able to replace the Tox ID associated with the username. New users looking up a Tox ID using the compromised username would be directed to the wrong Tox ID. To minimize the chance of such a thing occurring, use a long, unique, random password for your ToxDNS account, and set the ID to be unchangable if the server supports it. This will not connect you with your intended friend and it does not give anyone access to your private key or any current or previous chat sessions keys. | ||
Line 23: | Line 21: | ||
It should be noted that none of these area actually problems with ToxDNS itself. The first two are malicious activities that could be undertaken on a server, the third is just somebody taking a site down or blocking access to a site. | It should be noted that none of these area actually problems with ToxDNS itself. The first two are malicious activities that could be undertaken on a server, the third is just somebody taking a site down or blocking access to a site. | ||
- | [all of these areas represent a fundamental problem of using a service which is insecure by design, to initiate a more secure one - the final security is not better than of the weakest part in the chain - aklyn] | + | |
===== ToxDNS Services ===== | ===== ToxDNS Services ===== | ||
As of yet, there is no official ToxDNS service. All services listed here are run by volunteers, use at your own risk. | As of yet, there is no official ToxDNS service. All services listed here are run by volunteers, use at your own risk. | ||
- | |||
- | | ^ Owner ^ Description | ||
- | ^ [[http:// | ||
- | | | ||
===== Run your own ===== | ===== Run your own ===== |