tor-webwml.git

@@ -36,7 +36,7 @@ href="http://cryptocracy.net/">personal website</a>.</dd>

 management, travel, and other projects.</dd>

 <dt>Domenik Bork</dt><dd> Worked on

-Configuration of Hidden Services with User Authorization in Vidalia as

+Configuration of Onion Services with User Authorization in Vidalia as

 part of Google Summer of Code 2008.</dd>

 <dt>Benedikt Boss</dt><dd>Worked during the 2007 Google Summer of Code on <a

 href="https://svn.torproject.org/svn/topf/trunk/README">TOPF</a>,

@@ -182,7 +182,7 @@ proxying approach for Tor clients on Windows.</dd>

 Tor is based on, so we didn't have to start from scratch.</dd>

 <dt>Robert Ransom</dt><dd>Found and fixed a bunch of Tor bugs, mostly in

-Tor's hidden service code, and added several security and usability

+Tor's onion service code, and added several security and usability

 features to Tor and Tor Browser Bundle.</dd>

 <dt>Johannes Renner</dt><dd> Worked during the 2007 Google Summer of

@@ -236,7 +236,7 @@ Bundle build process, especially on Windows.</dd>

 <dt>Kyle Williams</dt><dd>Developer for JanusVM, a VMWare-based

 transparent Tor proxy that makes Tor easier to set up and use.</dd>

 <dt>Christian Wilms</dt><dd> Worked on

-Performance Enhancing Measures for Tor Hidden Services (<a

+Performance Enhancing Measures for Tor Onion Services (<a

 href="https://svn.torproject.org/cgi-bin/viewvs.cgi/tor/branches/hidserv-perf/">svn</a>) as part of Google Summer of Code 2008.</dd>

 <dt>Jillian C. York</dt><dd><a href="http://jilliancyork.com/">Jillian C. York</a> is a writer, blogger, and activist.</dd>

 </dl>

@@ -204,7 +204,7 @@

     </p>

     <ul>

-      <li><h4><a href="https://ahmia.fi/gsoc/">Ahmia.fi - Search Engine for Hidden Services</a> by Juha Nurmi</h4></li>

+      <li><h4><a href="https://ahmia.fi/gsoc/">Ahmia.fi - Search Engine for Onion Services</a> by Juha Nurmi</h4></li>

       <li><h4><a href="http://ilv.github.io/gettor_proposal.html">Revamp GetTor</a> by Israel Leiva</h4></li>

       <li><h4><a href="https://sites.google.com/site/sreenathadev/gsoc-2014-weather-rewrite">Weather Rewrite</a> by Sreenatha Bhatlapenumarthi</h4></li>

       <li><h4><a href="http://kostas.mkj.lt/gsoc2014/gsoc2014.html">BridgeDB Distributor</a> by Kostas Jakeliunas</h4></li>

@@ -46,7 +46,7 @@

     Individuals use Tor to keep websites from tracking them and their family

     members, or to connect to news sites, instant messaging services, or the

     like when these are blocked by their local Internet providers.  Tor's <a

-    href="<page docs/hidden-services>">hidden services</a>

+    href="<page docs/hidden-services>">onion services</a>

     let users publish web sites and other services without needing to reveal

     the location of the site. Individuals also use Tor for socially sensitive

     communication: chat rooms and web forums for rape and abuse survivors,

@@ -280,17 +280,17 @@

     operations, as well as protecting themselves from physical harm.

     </li>

-    <li><strong>Hidden services:</strong>

-    When the Internet was designed by DARPA, its primary purpose was to be able to facilitate distributed, robust communications in case of

-    local strikes.  However, some functions must be centralized, such as command and control sites.  It's the nature of the Internet protocols to

-    reveal the geographic location of any server that is reachable online.  Tor's hidden services capacity allows military command and

-    control to be physically secure from discovery and takedown.

-    </li>

-    <li><strong>Intelligence gathering:</strong>

-    Military personnel need to use electronic resources run and monitored by insurgents. They do not want the webserver logs on an insurgent website

-    to record a military address, thereby revealing the surveillance.

-    </li>

-    </ul>

+    <li><strong>Onion services:</strong>

+	When the Internet was designed by DARPA, its primary purpose was to be able

+	to facilitate distributed, robust communications in case of local strikes.

+	However, some functions must be centralized, such as command and control

+	sites.  It's the nature of the Internet protocols to reveal the geographic

+	location of any server that is reachable online.  Tor's onion services

+	capacity allows military command and control to be physically secure from

+	discovery and takedown.  </li> <li><strong>Intelligence gathering:</strong>

+	Military personnel need to use electronic resources run and monitored by

+	insurgents. They do not want the webserver logs on an insurgent website to

+	record a military address, thereby revealing the surveillance.  </li> </ul>

     <a name="itprofessionals"></a>

     <h2><a class="anchor" href="#itprofessionals">IT Professionals use Tor</a></h2>

@@ -353,14 +353,14 @@ using technology?</a></li>

     <h3><a class="anchor" href="#RemoveContent">I want some content removed from a .onion address.</a></h3>

     <p>The Tor Project does not host, control, nor have the ability to

     discover the owner or location of a .onion address.  The .onion address is

-    an address from <a href="<page docs/hidden-services>">a hidden

-    service</a>.  The name you see ending in .onion is a hidden service descriptor.

+    an address from <a href="<page docs/hidden-services>">an onion

+    service</a>.  The name you see ending in .onion is an onion service descriptor.

     It's an automatically generated name which can be located on any Tor

-    relay or client anywhere on the Internet.  Hidden services are designed

+    relay or client anywhere on the Internet.  Onion services are designed

     to protect both the user and service provider from discovering who they

-    are and where they are from.  The design of hidden services means the

+    are and where they are from.  The design of onion services means the

     owner and location of the .onion site is hidden even from us.</p>

-    <p>But remember that this doesn't mean that hidden services are

+    <p>But remember that this doesn't mean that onion services are

     invulnerable. Traditional police techniques can still be very effective

     against them, such as interviewing suspects, writing style analysis,

     technical analysis of the content itself, sting operations, keyboard taps,

@@ -191,11 +191,11 @@ relay.</a></li>

     run my own?</a></li>

     </ul>

-    <p>Tor hidden services:</p>

+    <p>Tor onion services:</p>

     <ul>

-    <li><a href="#AccessHiddenServices">How do I access hidden services?</a></li>

-    <li><a href="#ProvideAHiddenService">How do I provide a hidden service?</a></li>

+    <li><a href="#AccessOnionServices">How do I access onion services?</a></li>

+    <li><a href="#ProvideAnOnionService">How do I provide an onion service?</a></li>

     </ul>

     <p>Development:</p>

@@ -1817,7 +1817,7 @@ versions.

     <p>

     Note also that not every circuit is used to deliver traffic outside of

     the Tor network. It is normal to see non-exit circuits (such as those

-    used to connect to hidden services, those that do directory fetches,

+    used to connect to onion services, those that do directory fetches,

     those used for relay reachability self-tests, and so on) that end at

     a non-exit node. To keep a node from being used entirely, see

     <tt>ExcludeNodes</tt> and <tt>StrictNodes</tt> in the

@@ -3001,15 +3001,16 @@ diversity,

     <hr>

-<a id="TorHiddenServices"></a>

-<h2><a class="anchor">Tor hidden services:</a></h2>

+# Leaving in old ids to accomodate incoming links.

+<a id="TorOnionServices"></a><a id="TorHiddenServices"></a>

+<h2><a class="anchor">Tor onion services:</a></h2>

-    <a id="AccessHiddenServices"></a>

-    <h3><a class="anchor" href="#AccessHiddenServices">How do I access

-    hidden services?</a></h3>

+    <a id="AccessOnionServices"></a><a id="AccessHiddenServices"></a>

+    <h3><a class="anchor" href="#AccessOnionServices">How do I access

+    onion services?</a></h3>

     <p>

-    Tor hidden services are named with a special top-level domain (TLD)

+    Tor onion services are named with a special top-level domain (TLD)

     name in DNS: .onion. Since the .onion TLD is not recognized by the

     official root DNS servers on the Internet, your application will not

     get the response it needs to locate the service. Currently, the Tor

@@ -3020,7 +3021,7 @@ diversity,

 <p>

  Therefore, your application <b>needs</b> to pass the .onion hostname to

  Tor directly. You can't try to resolve it to an IP address, since there

- <i>is</i> no corresponding IP address: the server is hidden, after all!

+ <i>is</i> no corresponding IP address.

 </p>

     <p>

@@ -3047,7 +3048,7 @@ diversity,

     alternative. When using FreeCap set proxy protocol to SOCKS 5 and under

     settings set DNS name resolving to remote. This

     will allow you to use almost any program with Tor without leaking DNS

-    lookups and allow those same programs to access hidden services.

+    lookups and allow those same programs to access onion services.

     </p>

     <p>

@@ -3056,13 +3057,13 @@ diversity,

     <hr>

-    <a id="ProvideAHiddenService"></a>

-    <h3><a class="anchor" href="#ProvideAHiddenService">How do I provide a

-    hidden service?</a></h3>

+    <a id="ProvideAnOnionService"></a><a id="ProvideAHiddenService"></a>

+    <h3><a class="anchor" href="#ProvideAnOnionService">How do I provide an

+    onion service?</a></h3>

     <p>

     See the <a href="<page docs/tor-hidden-service>">

-    official hidden service configuration instructions</a>.

+    official onion service configuration instructions</a>.

     </p>

     <hr>

@@ -3951,7 +3952,7 @@ and clients need to predict all the packets they will want to send in

 a session before picking their exit node!

 </li>

 <li>The Tor-internal name spaces would need to be redesigned. We support

-hidden service ".onion" addresses by intercepting the addresses when

+onion service ".onion" addresses by intercepting the addresses when

 they are passed to the Tor client. Doing so at the IP level will require

 a more complex interface between Tor and the local DNS resolver.

 </li>

@@ -4002,7 +4003,7 @@ their path length.</a></h3>

 <p>

  Right now the path length is hard-coded at 3 plus the number of nodes in

  your path that are sensitive. That is, in normal cases it's 3, but for

- example if you're accessing a hidden service or a ".exit" address it could be 4.

+ example if you're accessing an onion service or a ".exit" address it could be 4.

 </p>

 <p>

  We don't want to encourage people to use paths longer than this — it

@@ -2,78 +2,75 @@

 # Revision: $Revision$

 # Translation-Priority: 3-low

-#include "head.wmi" TITLE="Tor: Hidden Service Protocol" CHARSET="UTF-8"

+#include "head.wmi" TITLE="Tor: Onion Service Protocol" CHARSET="UTF-8"

 <div id="content" class="clearfix">

   <div id="breadcrumbs">

     <a href="<page index>">Home &raquo; </a>

     <a href="<page docs/documentation>">Documentation &raquo; </a>

-    <a href="<page docs/hidden-services>">Hidden Services</a>

+    <a href="<page docs/hidden-services>">Onion Services</a>

   </div>

   <div id="maincol">

-    <h2>Tor: Hidden Service Protocol</h2>

+    <h2>Tor: Onion Service Protocol</h2>

     <hr>

     <p>

     Tor makes it possible for users to hide their locations while offering

     various kinds of services, such as web publishing or an instant

     messaging server.  Using Tor "rendezvous points," other Tor users can

-    connect to these hidden services, each without knowing the other's

-    network identity. This page describes the technical details of how

-    this rendezvous protocol works. For a more direct how-to, see our <a

-    href="<page docs/tor-hidden-service>">configuring hidden services</a>

-    page.

-    </p>

+	connect to these onion services, formerly known as hidden services, each

+	without knowing the other's network identity. This page describes the

+	technical details of how this rendezvous protocol works. For a more direct

+	how-to, see our <a href="<page docs/tor-hidden-service>">configuring onion

+	services</a> page.  </p>

     <p>

-    A hidden service needs to advertise its existence in the Tor network before

+    An onion service needs to advertise its existence in the Tor network before

     clients will be able to contact it. Therefore, the service randomly picks

     some relays, builds circuits to them, and asks them to act as

     <em>introduction points</em> by telling them its public key. Note

     that in the following figures the green links are circuits rather

     than direct connections. By using a full Tor circuit, it's hard for

-    anyone to associate an introduction point with the hidden server's IP

-    address. While the introduction points and others are told the hidden

+    anyone to associate an introduction point with the onion server's IP

+    address. While the introduction points and others are told the onion

     service's identity (public key), we don't want them to learn about the

-    hidden server's location (IP address).

+    onion server's location (IP address).

     </p>

-    <img alt="Tor hidden service step one" src="$(IMGROOT)/THS-1.png">

+    <img alt="Tor onion service step one" src="$(IMGROOT)/THS-1.png">

     # maybe add a speech bubble containing "PK" to Bob, because that's what

     # Bob tells to his introduction points

     <p>

-    Step two: the hidden service assembles a <em>hidden service

-    descriptor</em>, containing its public key and a summary of each

-    introduction point, and signs this descriptor with its private key.

-    It uploads that descriptor to a distributed hash table. The descriptor will be

-    found by clients requesting XYZ.onion where XYZ is a 16 character

-    name derived from the service's public key. After

-    this step, the hidden service is set up.

-    </p>

+	Step two: the onion service assembles an <em>onion service descriptor</em>,

+	containing its public key and a summary of each introduction point, and

+	signs this descriptor with its private key.  It uploads that descriptor to

+	a distributed hash table.  The descriptor will be found by clients

+	requesting XYZ.onion where XYZ is a 16 character name derived from the

+	service's public key. After this step, the onion service is set up.  </p>

     <p>

     Although it might seem impractical to use an automatically-generated

     service name, it serves an important goal: Everyone – including

-    the introduction points, the distributed hash table directory, and of course the

-    clients – can verify that they are talking to the right hidden

-    service. See also <a href="https://en.wikipedia.org/wiki/Zooko%27s_triangle">Zooko's

-    conjecture</a> that out of Decentralized, Secure, and Human-Meaningful,

-    you can achieve at most two. Perhaps one day somebody will implement a <a

+	the introduction points, the distributed hash table directory, and of

+	course the clients – can verify that they are talking to the right

+	onion service. See also <a

+	href="https://en.wikipedia.org/wiki/Zooko%27s_triangle">Zooko's

+	conjecture</a> that out of Decentralized, Secure, and Human-Meaningful, you

+	can achieve at most two. Perhaps one day somebody will implement a <a

 	href="http://www.skyhunter.com/marcs/petnames/IntroPetNames.html">Petname</a>

-    design for hidden service names?

-    </p>

+	design for onion service names?  </p>

-    <img alt="Tor hidden service step two" src="$(IMGROOT)/THS-2.png">

+    <img alt="Tor onion service step two" src="$(IMGROOT)/THS-2.png">

     # maybe replace "database" with "DHT"; further: how incorrect

     # is it to *not* add DB to the Tor cloud, now that begin dir cells are in

     # use?

     <p>

-    Step three: A client that wants to contact a hidden service needs

+    Step three: A client that wants to contact an onion service needs

     to learn about its onion address first. After that, the client can

     initiate connection establishment by downloading the descriptor from

     the distributed hash table. If there is a descriptor for XYZ.onion

-    (the hidden service could also be offline or have left long ago,

+    (the onion service could also be offline or have left long ago,

     or there could be a typo in the onion address), the client now

     knows the set of introduction points and the right public key to

     use. Around this time, the client also creates a circuit to another

@@ -81,49 +78,49 @@

     by telling it a one-time secret.

     </p>

-    <img alt="Tor hidden service step three" src="$(IMGROOT)/THS-3.png">

+    <img alt="Tor onion service step three" src="$(IMGROOT)/THS-3.png">

     # maybe add "cookie" to speech bubble, separated from the surrounded

     # "IP1-3" and "PK"

     <p>

     Step four: When the descriptor is present and the rendezvous

     point is ready, the client assembles an <em>introduce</em> message

-    (encrypted to the hidden service's public key) including the address

+    (encrypted to the onion service's public key) including the address

     of the rendezvous point and the one-time secret. The client sends

     this message to one of the introduction points, requesting it be

-    delivered to the hidden service. Again, communication takes place

+    delivered to the onion service. Again, communication takes place

     via a Tor circuit: nobody can relate sending the introduce message

     to the client's IP address, so the client remains anonymous.

     </p>

-    <img alt="Tor hidden service step four" src="$(IMGROOT)/THS-4.png">

+    <img alt="Tor onion service step four" src="$(IMGROOT)/THS-4.png">

     <p>

-    Step five: The hidden service decrypts the client's introduce message

+    Step five: The onion service decrypts the client's introduce message

     and finds the address of the rendezvous point and the one-time secret

     in it. The service creates a circuit to the rendezvous point and

     sends the one-time secret to it in a rendezvous message.

     </p>

     <p>

-    At this point it is of special importance that the hidden service sticks to

+    At this point it is of special importance that the onion service sticks to

     the same set of <a

     href="<wikifaq>#Whatsthisaboutentryguardformerlyknownashelpernodes">entry

     guards</a> when creating new circuits. Otherwise an attacker

-    could run his own relay and force a hidden service to create an arbitrary

+    could run his own relay and force an onion service to create an arbitrary

     number of circuits in the hope that the corrupt relay is picked as entry

-    node and he learns the hidden server's IP address via timing analysis. This

+    node and he learns the onion server's IP address via timing analysis. This

     attack was described by Øverlier and Syverson in their paper titled

     <a href="http://freehaven.net/anonbib/#hs-attack06">Locating Hidden

     Servers</a>.

     </p>

-    <img alt="Tor hidden service step five" src="$(IMGROOT)/THS-5.png">

+    <img alt="Tor onion service step five" src="$(IMGROOT)/THS-5.png">

     # it should say "Bob connects to Alice's ..."

     <p>

     In the last step, the rendezvous point notifies the client about successful

-    connection establishment. After that, both client and hidden service can

+    connection establishment. After that, both client and onion service can

     use their circuits to the rendezvous point for communicating with each

     other. The rendezvous point simply relays (end-to-end encrypted) messages

     from client to service and vice versa.

@@ -132,21 +129,21 @@

     <p>

     One of the reasons for not using the introduction circuit

     for actual communication is that no single relay should

-    appear to be responsible for a given hidden service. This is why the

-    rendezvous point never learns about the hidden service's identity.

+    appear to be responsible for a given onion service. This is why the

+    rendezvous point never learns about the onion service's identity.

     </p>

     <p>

-    In general, the complete connection between client and hidden service

+    In general, the complete connection between client and onion service

     consists of 6 relays: 3 of them were picked by the client with the third

-    being the rendezvous point and the other 3 were picked by the hidden

+    being the rendezvous point and the other 3 were picked by the onion

     service.

     </p>

-    <img alt="Tor hidden service step six" src="$(IMGROOT)/THS-6.png">

+    <img alt="Tor onion service step six" src="$(IMGROOT)/THS-6.png">

     <p>

-    There are more detailed descriptions about the hidden service protocol than

+    There are more detailed descriptions about the onion service protocol than

     this one. See the

     <a href="<svnprojects>design-paper/tor-design.pdf">Tor design paper</a>

     for an in-depth design description and the

@@ -52,7 +52,7 @@

            'txt'  => 'Configuring a Relay graphically',

           },

           {'url'  => 'docs/tor-hidden-service',

-           'txt'  => 'Configuring a Hidden Service',

+           'txt'  => 'Configuring an Onion Service',

           },

           {'url'  => 'docs/bridges',

            'txt'  => 'Understanding bridges',

@@ -22,7 +22,7 @@

     <p>Even though Tor Browser comes with a regular Tor, it will only run

     as long as you keep Tor Browser open. The following instructions will

     set up Tor without graphical interface or a browser. Many people prefer

-    this over TBB when they host hidden services or relay traffic for other Tor

+    this over TBB when they host onion services or relay traffic for other Tor

     users.  <hr>

     <a id="installing"></a>

     <h2><a class="anchor" href="#installing">Step One: Install a package manager</a></h2>

@@ -2,32 +2,32 @@

 # Revision: $Revision$

 # Translation-Priority: 3-low

-#include "head.wmi" TITLE="Tor Project: Hidden Service Configuration Instructions" CHARSET="UTF-8"

+#include "head.wmi" TITLE="Tor Project: Onion Service Configuration Instructions" CHARSET="UTF-8"

 <div id="content" class="clearfix">

   <div id="breadcrumbs">

     <a href="<page index>">Home &raquo; </a>

     <a href="<page docs/documentation>">Documentation &raquo; </a>

-    <a href="<page docs/tor-hidden-service>">Tor Hidden Service</a>

+    <a href="<page docs/tor-hidden-service>">Tor Onion Service</a>

   </div>

   <div id="maincol">

-    <h1>Configuring Hidden Services for <a href="<page index>">Tor</a></h1>

+    <h1>Configuring Onion Services for <a href="<page index>">Tor</a></h1>

     <hr>

-    <p>Tor allows clients and relays to offer hidden services. That is,

+    <p>Tor allows clients and relays to offer onion services. That is,

     you can offer a web server, SSH server, etc., without revealing your

     IP address to its users. In fact, because you don't use any public address,

-    you can run a hidden service from behind your firewall.

+    you can run an onion service from behind your firewall.

     </p>

-    <p>If you have Tor installed, you can see hidden services in action

+    <p>If you have Tor installed, you can see onion services in action

     by visiting this <a href="http://duskgytldkxiuqc6.onion/">sample

     site</a>.

     </p>

     <p>

-    This page describes the steps for setting up your own hidden service

-    website. For the technical details of how the hidden service protocol

-    works, see our <a href="<page docs/hidden-services>">hidden service

+    This page describes the steps for setting up your own onion service

+    website. For the technical details of how the onion service protocol

+    works, see our <a href="<page docs/hidden-services>">onion service

     protocol</a> page.

     </p>

@@ -60,7 +60,7 @@

     server can be complex. We're not going to cover how to set up a web

     server here. If you get stuck or want to do more, find a friend who

     can help you. We recommend you install a new separate web server for

-    your hidden service, since even if you already have one installed,

+    your onion service, since even if you already have one installed,

     you may be using it (or want to use it later) for a normal website.

     </p>

@@ -69,7 +69,7 @@

     information about you, your computer, or your location. Be sure to

     bind the web server only to localhost (if people could get to it

     directly, they could confirm that your computer is the one offering

-    the hidden service). Be sure that its error messages don't list

+    the onion service). Be sure that its error messages don't list

     your hostname or other hints. Consider putting the web server in a

     sandbox or VM to limit the damage from code vulnerabilities.

     </p>

@@ -85,10 +85,10 @@

     <hr>

     <a id="two"></a>

-    <h2><a class="anchor" href="#two">Step Two: Configure your hidden service</a></h2>

+    <h2><a class="anchor" href="#two">Step Two: Configure your onion service</a></h2>

     <br>

-    <p>Next, you need to configure your hidden service to point to your

+    <p>Next, you need to configure your onion service to point to your

     local web server.

     </p>

@@ -102,21 +102,21 @@

     <p>

     This section of the file consists of groups of lines, each representing

-    one hidden service. Right now they are all commented out (the lines

-    start with #), so hidden services are disabled. Each group of lines

+    one onion service. Right now they are all commented out (the lines

+    start with #), so onion services are disabled. Each group of lines

     consists of one <var>HiddenServiceDir</var> line, and one or more

     <var>HiddenServicePort</var> lines:</p>

     <ul>

-    <li><var>HiddenServiceDir</var> is a directory where Tor will store information

-    about that hidden service.  In particular, Tor will create a file here named

-    <var>hostname</var> which will tell you the onion URL.  You don't need to

-    add any files to this directory. Make sure this is not the same directory

-    as the hidserv directory you created when setting up thttpd, as your

-    HiddenServiceDir contains secret information!</li>

-    <li><var>HiddenServicePort</var> lets you specify a virtual port (that is, what

-    port people accessing the hidden service will think they're using) and an

-    IP address and port for redirecting connections to this virtual port.</li>

-    </ul>

+	<li><var>HiddenServiceDir</var> is a directory where Tor will store

+	information about that onion service.  In particular, Tor will create a

+	file here named <var>hostname</var> which will tell you the onion URL.  You

+	don't need to add any files to this directory. Make sure this is not the

+	same directory as the hidserv directory you created when setting up thttpd,

+	as your HiddenServiceDir contains secret information!</li>

+	<li><var>HiddenServicePort</var> lets you specify a virtual port (that is,

+	what port people accessing the onion service will think they're using) and

+	an IP address and port for redirecting connections to this virtual

+	port.</li> </ul>

     <p>Add the following lines to your torrc:

     </p>

@@ -126,17 +126,15 @@

     HiddenServicePort 80 127.0.0.1:8080

     </pre>

-    <p>You're going to want to change the <var>HiddenServiceDir</var> line, so it points

-    to an actual directory that is readable/writeable by the user that will

-    be running Tor. The above line should work if you're using the OS X Tor

-    package. On Unix, try "/home/username/hidden_service/" and fill in your own

-    username in place of "username". On Windows you might pick:</p>

-    <pre>

-    HiddenServiceDir C:\Users\username\Documents\tor\hidden_service

-    HiddenServicePort 80 127.0.0.1:8080

-    </pre>

+	<p>You're going to want to change the <var>HiddenServiceDir</var> line, so

+	it points to an actual directory that is readable/writeable by the user

+	that will be running Tor. The above line should work if you're using the OS

+	X Tor package. On Unix, try "/home/username/hidden_service/" and fill in

+	your own username in place of "username". On Windows you might pick:</p>

+	<pre> HiddenServiceDir C:\Users\username\Documents\tor\hidden_service

+	HiddenServicePort 80 127.0.0.1:8080 </pre>

-    <p>Note that since 0.2.6, both <var>SocksPort</var> and <var>HiddenServicePort</var> support Unix socket. 

+    <p>Note that since 0.2.6, both <var>SocksPort</var> and <var>HiddenServicePort</var> support Unix sockets. 

     This means that you can point the <var>HiddenServicePort</var> to a Unix socket:</p>

     <pre>

     HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/

@@ -145,22 +143,22 @@

     <p>Now save the torrc and restart your tor.</p>

-    <p>If Tor starts up again, great. Otherwise, something is wrong. First look at

-    your logfiles for hints. It will print some warnings or error messages. That

-    should give you an idea what went wrong. Typically there are typos in the torrc

-    or wrong directory permissions (See <a href="<page docs/faq>#Logs">the

-    logging FAQ entry</a> if you don't know how to enable or find your

-    log file.)

-    </p>

+	<p>If Tor starts up again, great. Otherwise, something is wrong. First look

+	at your logfiles for hints. It will print some warnings or error messages.

+	That should give you an idea what went wrong. Typically there are typos in

+	the torrc or wrong directory permissions (See <a href="<page

+	docs/faq>#Logs">the logging FAQ entry</a> if you don't know how to enable

+	or find your log file.) </p>

-    <p>When Tor starts, it will automatically create the <var>HiddenServiceDir</var>

-    that you specified (if necessary), and it will create two files there.</p>

+	<p>When Tor starts, it will automatically create the

+	<var>HiddenServiceDir</var> that you specified (if necessary), and it will

+	create two files there.</p>

     <dl>

     <dt><var>private_key</var></dt>

-    <dd>First, Tor will generate a new public/private keypair for your hidden

+    <dd>First, Tor will generate a new public/private keypair for your onion

     service. It is written into a file called "private_key". Don't share this key

-    with others -- if you do they will be able to impersonate your hidden

+    with others -- if you do they will be able to impersonate your onion

     service.</dd>

     <dt><var>hostname</var></dt>

     <dd>The other file Tor will create is called "hostname". This contains

@@ -175,7 +173,7 @@

     to view these files.</p>

     <p>Now that you've restarted Tor, it is busy picking introduction points

-    in the Tor network, and generating a <em>hidden service

+    in the Tor network, and generating an <em>onion service

     descriptor</em>. This is a signed list of introduction points along with

     the service's full public key. It anonymously publishes this descriptor

     to the directory servers, and other people anonymously fetch it from the

@@ -197,9 +195,9 @@

     want to make a backup copy of the <var>private_key</var> file somewhere.

     </p>

-    <p>If you want to forward multiple virtual ports for a single hidden

+    <p>If you want to forward multiple virtual ports for a single onion

     service, just add more <var>HiddenServicePort</var> lines.

-    If you want to run multiple hidden services from the same Tor

+    If you want to run multiple onion services from the same Tor

     client, just add another <var>HiddenServiceDir</var> line. All the following

     <var>HiddenServicePort</var> lines refer to this <var>HiddenServiceDir</var> line, until

     you add another <var>HiddenServiceDir</var> line:

@@ -214,12 +212,12 @@

     HiddenServicePort 22 127.0.0.1:22

     </pre>

-    <p>Hidden services operators need to practice proper operational security

+    <p>Onion services operators need to practice proper operational security

     and system administration to maintain security. For some security

     suggestions please make sure you read over Riseup's <a

 	href="https://help.riseup.net/en/security/network-security/tor/onionservices-best-practices">"Tor

-    hidden services best practices" document</a>. Also, here are some more

-    anonymity issues you should keep in mind:

+	Hidden (Onion) Services Best Practices" document</a>. Also, here are some

+	more anonymity issues you should keep in mind:

     </p>

     <ul>

@@ -227,27 +225,26 @@

     identifying information about you, your computer, or your location.

     For example, readers can probably determine whether it's thttpd or

     Apache, and learn something about your operating system.</li>

-    <li>If your computer isn't online all the time, your hidden service

+    <li>If your computer isn't online all the time, your onion service

     won't be either. This leaks information to an observant adversary.</li>

-    <li>It is generally a better idea to host hidden services on a Tor client

+    <li>It is generally a better idea to host onion services on a Tor client

     rather than a Tor relay, since relay uptime and other properties are

     publicly visible.</li>

-    <li>The longer a hidden is online, the higher the risk that its

+    <li>The longer an onion service is online, the higher the risk that its

     location is discovered. The most prominent attacks are building a

-    profile of the hidden service's availability and matching induced

+    profile of the onion service's availability and matching induced

     traffic patterns.</li>

     </ul>

     <p>Another common issue is whether to use HTTPS on your relay or

     not. Have a look at this <a

-    href="https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs">post</a>

-    on the Tor Blog to learn more about these issues.

+    href="https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs">post</a> on the Tor Blog to learn more about these issues.

     </p>

     <p>Finally, feel free to use the <a

     href="https://lists.torproject.org/pipermail/tor-onions/">[tor-onions]

     mailing list</a> to discuss the secure administration and operation of

-    Tor hidden services.</p>

+    Tor onion services.</p>

   </div>

   <!-- END MAINCOL -->

@@ -53,7 +53,7 @@

            'txt'  => 'Configuring a Relay graphically',

           },

           {'url'  => 'docs/tor-hidden-service',

-           'txt'  => 'Configuring a Hidden Service',

+           'txt'  => 'Configuring an Onion Service',

           }, 

           {'url'  => 'docs/bridges',

            'txt'  => 'Configuring a Bridge Relay',

@@ -88,7 +88,7 @@

           </li>

           <li>

             <p><strong>I would like to know more about how Tor works,

-            what hidden services are, or how to run a relay.</strong></p>

+            what onion services are, or how to run a relay.</strong></p>

             <p><a href="<page docs/faq>"

             target="_blank">This Tor Project FAQ</a> has answers to all

             those questions, and more.</p>

@@ -14,7 +14,7 @@

     <ol>

     <li>Please consider <a href="<page docs/tor-doc-relay>">running

     a relay</a> to help the Tor network grow.</li>

-    <li>Tell your friends! Get them to run relays. Get them to run hidden

+    <li>Tell your friends! Get them to run relays. Get them to run onion

     services. Get them to tell their friends.</li>

     <li>If you like Tor's goals, please <a href="<page donate/donate>">take a moment

     to donate to support further Tor development</a>. We're also looking

@@ -378,12 +378,12 @@ meetings around the world.</li>

     <p>

     <b>Project Ideas:</b><br />

-    <i><a href="#improveHiddenServices">Help improve Tor hidden services</a></i><br />

+    <i><a href="#improveOnionServices">Help improve Tor onion services</a></i><br />

     <i><a href="#torFuzzing">Fuzzing coverage of Tor</a></i><br />

     <i><a href="#relayCryptoParallelism">Relay crypto parallelism</a></i><br />

     <i><a href="#anonymousLocalCountStatistics">Anonymous local count statistics</a></i><br />

     <i><a href="#improveSocks5Variant">Improved SOCKS5 variant</a></i><br />

-    <i><a href="#hiddenServiceCryptoParallelism">Hidden service crypto parallelism</a></i><br />

+    <i><a href="#onionServiceCryptoParallelism">Onion service crypto parallelism</a></i><br />

     <i><a href="#supportAllDNS">Support all kinds of DNS in Tor</a></i><br />

     <i><a href="#improveIpv6Support">Improve IPv6 support</a></i>

     </p>

@@ -765,28 +765,29 @@ meetings around the world.</li>

     <ol>

-    <a id="improveHiddenServices"></a>

+	#Keep old ids in case of incoming links.

+    <a id="improveOnionServices"></a><a id="improveHiddenServices"></a>

     <li>

-    <b>Help improve Tor hidden services</b>

+    <b>Help improve Tor onion services</b>

     <br>

     Language: <i>C</i>

     <br>

     Likely Mentors: <i>George (asn), David Goulet (dgoulet)</i>

     <br><br>

     <p>

-The hidden services team is busy implementing <a

+The onion services team is busy implementing <a

 href="https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt">proposal

-224</a> but we are always open to mentoring fun and exciting hidden

+224</a> but we are always open to mentoring fun and exciting onion

 service projects.

     </p>

     <p>

-In the past, we've mentored a wide variety of projects related to hidden

+In the past, we've mentored a wide variety of projects related to onion

 services, ranging from <a

 href="https://lists.torproject.org/pipermail/tor-dev/2016-April/010832.html">onion

 search engines</a>, <a

 href="https://lists.torproject.org/pipermail/tor-talk/2015-May/037966.html">to

-scaling techniques for hidden services</a>,

+scaling techniques for onion services</a>,

 and also various approaches

 of making onion services more <a

 href="https://lists.torproject.org/pipermail/tor-dev/2012-June/003588.html">usable</a>

@@ -892,24 +893,25 @@ For more information <a href="https://trac.torproject.org/projects/tor/ticket/12

     </p>

     </li>

-    <a id="hiddenServiceCryptoParallelism"></a>

+	#Keep old ids in case of incoming links.

+    <a id="onionServiceCryptoParallelism"></a><a id="hiddenServiceCryptoParallelism"></a>

     <li>

-    <b>Hidden service crypto parallelism</b>

+    <b>Onion service crypto parallelism</b>

     <br>

     Likely Mentors: <i>Nick (nickm), David Goulet (dgoulet)</i>

     <br><br>

     <p>

-Hidden services, hidden service clients, hidden service directories,

+Onion services, onion service clients, onion service directories,

 and introduction points all need to do a few public-key operations as

 they operate.  But right now, these operations are all done on the

 main thread.  It would be good to have these run across multiple cores.

     </p>

     <p>

-This could probably be done in a way similar to how we currently hand

+This could probably be done in a way similar to how we currently handle

 circuit extension handshakes in onion.c and cpuworker.c, but we'd need

-to extend the state machine for hidden services to add an additional

-state.  It could help hidden services operate much more efficiently.

+to extend the state machine for onion services to add an additional

+state.  It could help onion services operate much more efficiently.

     </p>

     <p>

@@ -1060,13 +1062,13 @@ For more information <a href="https://trac.torproject.org/projects/tor/ticket/17

     <a id="ahmiaSearch"></a>

     <li>

-    <b>Ahmia - Hidden Service Search</b>

+    <b>Ahmia - Onion Service Search</b>

     <br>

     Language: <i>Python, Django</i>

     <br>

     Likely Mentors: <i>Juha Nurmi (numes), George (asn)</i>

     <p>

-    Ahmia is open-source search engine software for Tor hidden service deep

+    Ahmia is open-source search engine software for Tor onion service deep

     dark web sites. You can test the running search engine at ahmia.fi. For

     more information see our <a

     href="https://blog.torproject.org/category/tags/ahmiafi">blog post about

@@ -1075,7 +1077,7 @@ For more information <a href="https://trac.torproject.org/projects/tor/ticket/17

     <p>

     Ahmia is a working search engine that indexes, searches, and catalogs

-    content published on Tor Hidden Services. Furthermore, it is an environment

+    content published on Tor Onion Services. Furthermore, it is an environment

     to share meaningful insights, statistics, insights, and news about the Tor

     network itself. In this context, there is a lot of work to do.

     </p>

@@ -1098,7 +1100,7 @@ For more information <a href="https://trac.torproject.org/projects/tor/ticket/17

           <li>Remove these sites from the search results</li>

         </ul>

       </li>

-      <li>Add hidden services funtion (very important)<br />

+      <li>Add onion services function (very important)<br />

         <ul>

           <li>You can add onions using HTML form</li>

           <li>Call the crawler immidiately when a new site is added</li>

@@ -45,7 +45,7 @@

         <ul>

           <li><a href="<page donate/donate-foot>">Donate</a></li>

           <li><a href="<page docs/documentation>#MailingLists">Mailing Lists</a></li>

-          <li><a href="<page docs/hidden-services>">Hidden Services</a></li>

+          <li><a href="<page docs/hidden-services>">Onion Services</a></li>

           <li><a href="<page getinvolved/translation>">Translations</a></li>

 #          <li><a href="<page getinvolved/open-positions>">Careers</a></li>

         </ul>

@@ -72,16 +72,16 @@

     <h2>How can I run my own private TorDNSEL?</h2>

     <p>You can learn all about the code for TorDNSEL by visiting the <a

-    href="http://p56soo2ibjkx23xo.onion/">official hidden service</a> through

+    href="http://p56soo2ibjkx23xo.onion/">official onion service</a> through

     Tor.</p>

     <p>You can download the latest source release from the <a

-    href="http://p56soo2ibjkx23xo.onion/dist/tordnsel-0.0.6.tar.gz">hidden

+    href="http://p56soo2ibjkx23xo.onion/dist/tordnsel-0.0.6.tar.gz">onion

     service</a> or from a

     <a href="/tordnsel/dist/tordnsel-0.0.6.tar.gz">

     local mirror</a>. It's

     probably wise to check out the current revision from the darcs repository

-    hosted on the aforementioned hidden service.</p>

+    hosted on the aforementioned onion service.</p>

     <p>For more information or to report something useful, please email

 the