Read the doc, what are your thoughts?

  • jarfil@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    IPv6 supports IPsec, but I think this proposal would be closer to Tor/I2P over IPv6.

    For example, a client using an IPv6 ephemeral address, accessing a Tor hidden site, hosted on another client using an IPv6 ephemeral address, will both encrypt, and anonymize both endpoints, with a very short window for any de-anonymization attempts.

    I2P will also scramble the whole connection over multiple circuits.

    EDIT: reading closer the proposal, I see you only consider connections to public targets, with intermediate nodes keeping a cache of the circuit, and using a shortest path algorithm. It would seem to me that a client on IPv6 ephemeral using a HTTPS (with ECH) connection over Tor, would be safer than in this proposal. Choosing random intermediate nodes is a feature to reduce the chance of a single actor controlling all nodes on the path and being able to log the whole circuit.

    I2P takes that a couple steps farther, adding more intermediate nodes, splitting the send and receive parts over different circuits, and expiring circuits periodically.