Read the doc, what are your thoughts?

  • Darth_vader__OP
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Look into IPv6 ephemeral addresses

    Sounds good! But does it provide encryption tho?

    • jarfil@beehaw.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      IPv6 supports IPsec, but I think this proposal would be closer to Tor/I2P over IPv6.

      For example, a client using an IPv6 ephemeral address, accessing a Tor hidden site, hosted on another client using an IPv6 ephemeral address, will both encrypt, and anonymize both endpoints, with a very short window for any de-anonymization attempts.

      I2P will also scramble the whole connection over multiple circuits.

      EDIT: reading closer the proposal, I see you only consider connections to public targets, with intermediate nodes keeping a cache of the circuit, and using a shortest path algorithm. It would seem to me that a client on IPv6 ephemeral using a HTTPS (with ECH) connection over Tor, would be safer than in this proposal. Choosing random intermediate nodes is a feature to reduce the chance of a single actor controlling all nodes on the path and being able to log the whole circuit.

      I2P takes that a couple steps farther, adding more intermediate nodes, splitting the send and receive parts over different circuits, and expiring circuits periodically.