<div dir="ltr"><div>-----BEGIN PGP SIGNED MESSAGE-----</div><div>Hash: SHA256</div><div><br></div><div>I agree with the fact that I think we could accomplish all of this through better documentation.</div><div><br></div><div>I'm not a massive fan of those five different states - I just feel it's a little too confusing for users.</div><div><br></div><div>Regards,</div><div><br></div><div>Joshua Lee Tucker</div><div>@tuckerwales</div><div><br></div><div>On Tue, Jul 7, 2015 at 5:21 PM, Karsten Loesing <<a href="mailto:karsten@torproject.org">karsten@torproject.org</a>> wrote:</div><div>- -----BEGIN PGP SIGNED MESSAGE-----</div><div>Hash: SHA1</div><div><br></div><div>On 07/07/15 17:40, Zack Weinberg wrote:</div><div>> On Tue, Jul 7, 2015 at 10:19 AM, Joshua Lee Tucker</div><div>> <josh@tucker.wales> wrote:</div><div>>></div><div>>> I personally don't like displaying the ports in the overview page</div><div>>> - I would also much rather have this information displayed in a</div><div>>> detail page. (Maybe make the "Exit: Yes" clickable?)</div><div>></div><div>> How about "Exit: [Never/Unrestricted/Restricted/Unlikely/Former]</div><div>> (details...)"</div><div><br></div><div>Yes, I could imagine adding more states than just Yes and No.</div><div><br></div><div>> where: "Never" means the relay has never allowed exiting to any</div><div>> port or IP;</div><div><br></div><div>Well, the table already contains a timestamp, so this is probably not</div><div>necessary. Also, keeping a history whether a relay permitted exiting</div><div>up to a given time is quite expensive, because we'd have to re-import</div><div>the whole descriptor archives for this.</div><div><br></div><div>> "Unrestricted" means the relay currently allows exiting to all</div><div>> ports and IPs;</div><div><br></div><div>Plausible, though there are hardly any relays permitting all ports.</div><div><br></div><div>> "Restricted" means the relay currently allows exiting to some</div><div>> ports and IPs, enough to get the exit flag;</div><div><br></div><div>I'd simply call this "Yes". All relays with the Exit flag would have</div><div>this state.</div><div><br></div><div>> "Unlikely" means the relay currently allows exiting to some ports</div><div>> and IPs, *not* enough to get the exit flag;</div><div><br></div><div>This is probably what I'd call "Restricted" or "Limited". That's for</div><div>all relays which don't have reject 1-65535 and which also don't have</div><div>the Exit flag.</div><div><br></div><div>> "Former" means the relay allowed exiting to something at some time</div><div>> in the past, but doesn't anymore.</div><div><br></div><div>This has the same issues as "Never".</div><div><br></div><div>We'd also need "No" for the reject 1-65535 case.</div><div><br></div><div>> And in all cases you can click for more details. (The</div><div>> '(details...)' is literal.)</div><div><br></div><div>See my earlier response about more details. We can probably explain</div><div>three or four possible states in easy-to-understand terms.</div><div><br></div><div>So, yes, this seems plausible, if we can keep it simple. What states</div><div>should we use, and how should we document those in user language?</div><div><br></div><div>All the best,</div><div>Karsten</div><div><br></div><div>- -----BEGIN PGP SIGNATURE-----</div><div>Version: GnuPG v1</div><div>Comment: GPGTools - <a href="http://gpgtools.org">http://gpgtools.org</a></div><div><br></div><div>iQEcBAEBAgAGBQJVm/yJAAoJEJD5dJfVqbCrNSQH/1q3hS7aMvEPcgCp+E/cLwjy</div><div>fmYHEilAgOa1hYwf+wZshljQqDQmMxzHCAheIR+db2pPa7ZZfguwR7tZ0Z4NfvIU</div><div>rwgQrgpGg+W5Zd9bl/2mW7eZFHAAQRpdDzMPy5zlDUHd2pR6tCQNvudhGXhbrlau</div><div>ZBgaegsnT40dncMu0lChOvy9WHscKVCw3Ip3y9jVd5A01gY95cCS5RNKs3Ma0A6T</div><div>OFxDZ9dzApika+zbDaTGVb/bYeWuM3QwAcKfjHcg4hf0GkMC8W/FnK/6X1Sfsjp8</div><div>omYRvLmispKkMYlvcYPBSGAMLXKcCyrrBTj5LtnPyIyUnmBM05FCIhNPH7KxNe4=</div><div>=dd+a</div><div>- -----END PGP SIGNATURE-----</div><div>_______________________________________________</div><div>tor-relays mailing list</div><div><a href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a></div><div><a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a></div><div><br></div><div>-----BEGIN PGP SIGNATURE-----</div><div>Version: Mailvelope v0.13.1</div><div>Comment: <a href="https://www.mailvelope.com">https://www.mailvelope.com</a></div><div><br></div><div>wsFcBAEBCAAQBQJVnBJVCRB1zCF5iNk2lwAAGbYP/iefpIjrTjn4+CJP+TGs</div><div>NYhUEp5KVMAjOb1kGKjlUPZvh/6irQYmUqZo2A/qNgCIma71Nc3//FA9GN9l</div><div>dOAYkuQ+seYzy9+OgZmCnkB11JGTTi1/A/nlyo/TAtxgQ6zYNGwa741ZhoSv</div><div>dGRN4XzvCJjc8Supgpfeb6Aw/av9BGu4UBjdf0BWNuZ66AgcUPdtsC4ldwaN</div><div>2/IP3nvHVzU0IA2KyilV+9cpNeAU4xYivCCAo1yLWaOV4AWr9x0CwuxscoV2</div><div>mOPdI5/Og0fhoeDKBew3h610p0z1atF8m5flNVL3aUsBBmJzQdYWTOtoYvtD</div><div>rmAZSiXAm8tZtLYLiWD/sD8ThonNXkzg+8+uRo27TUR7Mem4mZSGeq+nvUAO</div><div>UTc+K2+03TxqYMIgjFZuEfV9SzcuabI6m2Nhy9T30E7cTKam9/pjHwGV6Qcl</div><div>o98k1X2zBuGHvYAz8Wnb5x8NBwCAi4Otliewqf9bVKcnD59r4fQunVeys+8/</div><div>qGPX/N1dkxhAGOaxx2q/eSbZMxUvFOCNeNbRVwIB88ES2pTNWRyqCFPmyhlv</div><div>ndrxwkDu1Ib8aFSM2jDFe76D6B07NfbSFjZm9Ifb0z0fW9RZ7RL14QbVQhj6</div><div>GkqsgyYZ62b7ThjMnREgIZ6U1LO4FBp8MgKDxV0haVP18AknU24rxInXAPao</div><div>wNu4</div><div>=MmQA</div><div>-----END PGP SIGNATURE-----</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jul 7, 2015 at 5:21 PM, Karsten Loesing <span dir="ltr"><<a href="mailto:karsten@torproject.org" target="_blank">karsten@torproject.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
</span><span class="">On 07/07/15 17:40, Zack Weinberg wrote:<br>
> On Tue, Jul 7, 2015 at 10:19 AM, Joshua Lee Tucker<br>
> <josh@tucker.wales> wrote:<br>
>><br>
>> I personally don't like displaying the ports in the overview page<br>
>> - I would also much rather have this information displayed in a<br>
>> detail page. (Maybe make the "Exit: Yes" clickable?)<br>
><br>
> How about "Exit: [Never/Unrestricted/Restricted/Unlikely/Former]<br>
> (details...)"<br>
<br>
</span>Yes, I could imagine adding more states than just Yes and No.<br>
<span class=""><br>
> where: "Never" means the relay has never allowed exiting to any<br>
> port or IP;<br>
<br>
</span>Well, the table already contains a timestamp, so this is probably not<br>
necessary. Also, keeping a history whether a relay permitted exiting<br>
up to a given time is quite expensive, because we'd have to re-import<br>
the whole descriptor archives for this.<br>
<span class=""><br>
> "Unrestricted" means the relay currently allows exiting to all<br>
> ports and IPs;<br>
<br>
</span>Plausible, though there are hardly any relays permitting all ports.<br>
<span class=""><br>
> "Restricted" means the relay currently allows exiting to some<br>
> ports and IPs, enough to get the exit flag;<br>
<br>
</span>I'd simply call this "Yes". All relays with the Exit flag would have<br>
this state.<br>
<span class=""><br>
> "Unlikely" means the relay currently allows exiting to some ports<br>
> and IPs, *not* enough to get the exit flag;<br>
<br>
</span>This is probably what I'd call "Restricted" or "Limited". That's for<br>
all relays which don't have reject 1-65535 and which also don't have<br>
the Exit flag.<br>
<span class=""><br>
> "Former" means the relay allowed exiting to something at some time<br>
> in the past, but doesn't anymore.<br>
<br>
</span>This has the same issues as "Never".<br>
<br>
We'd also need "No" for the reject 1-65535 case.<br>
<span class=""><br>
> And in all cases you can click for more details. (The<br>
> '(details...)' is literal.)<br>
<br>
</span>See my earlier response about more details. We can probably explain<br>
three or four possible states in easy-to-understand terms.<br>
<br>
So, yes, this seems plausible, if we can keep it simple. What states<br>
should we use, and how should we document those in user language?<br>
<span class=""><br>
All the best,<br>
Karsten<br>
<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1<br>
Comment: GPGTools - <a href="http://gpgtools.org" rel="noreferrer" target="_blank">http://gpgtools.org</a><br>
<br>
</span>iQEcBAEBAgAGBQJVm/yJAAoJEJD5dJfVqbCrNSQH/1q3hS7aMvEPcgCp+E/cLwjy<br>
fmYHEilAgOa1hYwf+wZshljQqDQmMxzHCAheIR+db2pPa7ZZfguwR7tZ0Z4NfvIU<br>
rwgQrgpGg+W5Zd9bl/2mW7eZFHAAQRpdDzMPy5zlDUHd2pR6tCQNvudhGXhbrlau<br>
ZBgaegsnT40dncMu0lChOvy9WHscKVCw3Ip3y9jVd5A01gY95cCS5RNKs3Ma0A6T<br>
OFxDZ9dzApika+zbDaTGVb/bYeWuM3QwAcKfjHcg4hf0GkMC8W/FnK/6X1Sfsjp8<br>
omYRvLmispKkMYlvcYPBSGAMLXKcCyrrBTj5LtnPyIyUnmBM05FCIhNPH7KxNe4=<br>
=dd+a<br>
-----END PGP SIGNATURE-----<br>
<div class="HOEnZb"><div class="h5">_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</div></div></blockquote></div><br></div>