|
|
# Survey
|
|
|
|
|
|
[[_TOC_]]
|
|
|
|
|
|
What we need to know about each setup in order to provide technical support
|
|
|
for Onion Service adoption and enhancement.
|
|
|
|
|
|
## Template
|
|
|
|
|
|
Template of questions we need to ask every organization with Onion Services.
|
|
|
|
|
|
### Infrastructure related
|
|
|
|
|
|
* Which hosting environment(s) you use to host your sites?
|
|
|
* Which tools you use for deployment and management?
|
|
|
* How do you manage X.509 (TLS) certificates?
|
|
|
* How do you manage DNS entries?
|
|
|
|
|
|
### Webserver related
|
|
|
|
|
|
* Which technology (like webserver) are you using?
|
|
|
* Do you have a load balancing system? Which one?
|
|
|
|
|
|
### Onion related
|
|
|
|
|
|
Questions for cases where .onions are already set:
|
|
|
|
|
|
* Which setup you have for your Onion Service?
|
|
|
* Which tool, if any, are you using to deploy your .onion?
|
|
|
* Are you supporting Onion-Location?
|
|
|
* Do you use a reverse proxy? If yes, which one and do you terminate the .onion there?
|
|
|
* Do you use Onionbalance? If yes, how many instances?
|
|
|
* Do you use a configuration manager for your Tor onion service?
|
|
|
* Do you have a v2 or/and v3 address? If no v3, why?
|
|
|
* Do you user HTTPS for .onion access?
|
|
|
|
|
|
### Oniongroove related
|
|
|
|
|
|
* Where should the Oniongroove CDN instance be hosted (on premises, in the
|
|
|
cloud…) for sites served by your infrastructure?
|
|
|
* How to connect Oniongroove proxy layer with your infrastructure's endpoints
|
|
|
(“last mile question”)? Could work with any endpoints talking TCP: VPN,
|
|
|
HTTPS, even .onion (but in that case it would defeat its purpose ;).
|
|
|
* Would be possible to configure a Onion-Location HTTP header for each web
|
|
|
site?
|
|
|
* Threat model: are there other risk factors, security and privacy
|
|
|
considerations we should take into account besides censorship and DoS? |