Glossary

The Tor Project

This document aims to specify terms, notations, and phrases related
to Tor, as used in the Tor specification documents and other documentation.

This glossary is not a design document; it is only a reference.

This glossary is a work-in-progress; double-check its definitions before
citing them authoritatively. ;)

0. Preliminaries

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
RFC 2119.

1.0 Commonly used Tor configuration terms

ORPort - Onion Router Port

DirPort - Directory Port

2.0 Tor network components

2.1 Relays, aka OR (onion router)

[Style guide: prefer the term "Relay"]

2.1.1 Specific roles

Exit relay: The final hop in an exit circuit before traffic leaves
the Tor network to connect to external servers.

Non-exit relay: Relays that send and receive traffic only to
other Tor relays and Tor clients.

Entry relay: The first hop in a Tor circuit. Can be either a guard
relay or a bridge, depending on the client's configuration.

Guard relay: A relay that a client uses as its entry for a longer
period of time. Guard relays are rotated more slowly to prevent
enumeration attacks.

Bridge: A relay intentionally not listed in the public Tor
consensus, with the purpose of circumventing entities (such as
governments or ISPs) seeking to block clients from using Tor.
Currently, bridges are used only as entry relays.

Directory cache: A relay that downloads cached directory information
from the directory authorities and serves it to clients on demand.
Any relay will act as a directory cache if its bandwidth is high enough.

Rendezvous point: A relay connecting a client to a hidden service.
Each party builds a three-hop circuit, meeting at the
rendezvous point.

2.2 Client, aka OP (onion proxy)

[Style: the "OP" and "onion proxy" terms are deprecated.]

2.3 Authorities:

Directory Authority: Nine total in the Tor network, operated by
trusted individuals. Directory authorities define and serve the
consensus document, defining the "state of the network." This document
contains a "router status" section for every relay currently
in the network. Directory authorities also serve router descriptors,
extra info documents, microdescriptors, and the microdescriptor consensus.

Bridge Authority: One total. Similar in responsibility to directory
authorities, but for bridges.

Fallback directory mirror: One of a list of directory caches distributed
with the Tor software. (When a client first connects to the network, and
has no directory information, it asks a fallback directory. From then on,
the client can ask any directory cache that's listed in the directory
information it has.)

2.4 Hidden Service:

A hidden service is a server that will only accept incoming
connections via the hidden service protocol. Connection
initiators will not be able to learn the IP address of the hidden
service, allowing the hidden service to receive incoming connections,
serve content, etc., while preserving its location anonymity.

2.5 Circuit:

An established path through the network, where cryptographic keys
are negotiated with each hop using the ntor protocol or TAP (Tor
Authentication Protocol, deprecated). Circuits can differ in length
depending on their purpose. See also Leaky Pipe Topology.

Origin Circuit -

Exit Circuit: A circuit which connects clients to destinations
outside the Tor network. For example, if a client wanted to visit
duckduckgo.com, this connection would require an exit circuit.

Internal Circuit: A circuit whose traffic never leaves the Tor
network. For example, a client could connect to a hidden service via
an internal circuit.

2.6 Edge connection:

2.7 Consensus: The state of the Tor network, published every hour,
decided by a vote from the network's directory authorities. Clients
fetch the consensus from directory authorities, fallback
directories, or directory caches.

2.8 Descriptor: Each descriptor represents information about one
relay in the Tor network. The descriptor includes the relay's IP
address and public key fingerprint, along with other data. Relays send
descriptors to directory authorities, who will vote and publish a
summary of them in the network consensus.

3.0 Tor network protocols

Link handshake

Circuit handshake

Hidden Service Protocol

Directory Protocol

4.0 General network definitions

Leaky Pipe Topology: The ability for the origin of a circuit to address
relay cells to any hop in the path of a circuit. In Tor,
the destination hop is determined by using the 'recognized' field of relay
cells.

Stream: A single application-level connection or request, multiplexed over
a Tor circuit. A 'Stream' can currently carry the contents of a TCP
connection, a DNS request, or a Tor directory request.

Channel: A pairwise connection between two Tor relays, or between a
client and a relay. Circuits are multiplexed over Channels. All
channels are currently implemented as TLS connections.