Option to skip authorization verification in INTRODUCE2 cell
Tor clients include an authorization cookie in the INTRODUCE2 cell when accessing a hidden service configured with client authorization. The service verifies the INTRODUCE2 cells and denies request which don't include (a valid) authorization. I'd like to be able to use stealth authorization as a means of distributing introduction point information in a private way. I'd like for clients who eventually receive the decrypted introduction point data to be able to connect to the hidden service without needing to know the original authorization cookie.
This would be useful in my Summer of Privacy project to distribute IP data in a private way while allowing clients to connect as normal (without authorization) to a published descriptor containing those introduction points.
I can also see a use case situation where a service would like to distribute stealth authorization introduction points to a client outside of the HSDir system by using some other form of client authorization (web of trust, captcha, etc.).
I'd propose a 'HiddenServiceNoAuthorizationVerify' option to allow service operators to disable authorization verification of a per service basis. I think Tor should provide a suitable warning on start up to ensure operators are aware of the potential consequences of enabling the option.
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80
HiddenServiceAuthorizeClient stealth user
HiddenServiceNoAuthorizationVerify 0
If people think this option is a reasonable idea, I can start writing a patch for the feature.