On Mon, Jan 21, 2013 at 2:56 PM, benjaminlincoln@lavabit.com wrote:
I see, tor already implements such a flag, ISO_STREAM.
I attached a simple formal proposal for this idea. Please discuss.
Proposals go to tor-dev, not tor-talk.
Before you re-send, you should check out the discussion (what there is of it) on ticket #7553 at https://trac.torproject.org/projects/tor/ticket/7553 . The major concern at the time was the performance impact from a large number of users all activating this option. The discussion on the ticket has stalled; it would be nice to reboot the discussion on tor-dev and try to bring it to a conclusion.
In particular, if people think *this* is a good way to "maintain separate identities" for something like web browsing, that's an accidental DOS attack waiting to happen.
Following Nick's advice I would like to start a discussion on ticket 7553.
https://trac.torproject.org/projects/tor/ticket/7553
I think this feature should be exposed to the user.
I refrained from writing "implemented" because this feature is already implemented. Not exposing it to the user will not stop Bad Guy(TM) from using it because it can easily be enabled by a trivial 2-line patch to tor.
This will not lead to DOS. Circuits being created is slow for the user. I doubt anyone will enable this for real-time, interactive communication like surfing. It hurts anonymity, too. Cypherpunks' patch mentions this.
**IsolateStream**;;
Don't share circuits at all, i.e. isolate each stream to an individual
circuit. (Not suitable for browsing or general use, where it *will hurt
your anonymity* due to the noisy request profile. The constant creation
of new circuits will also be excruciatingly slow for you and put
unnecessary load on the Tor network.)
Most protocols, in particular HTTP(S), explicitly request their connections to be kept alive. IsolateStream will not have a real effect on these protocols.
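The circuit-load question discussed in this thread, as an added model in C (not code from tor or from any poster): it counts how many circuits one page load needs under different isolation settings, with and without keep-alive. ISO_STREAM is the flag named above; the bit values, the host names and the 30-request, 2-connections-per-host figures are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative isolation bits. ISO_STREAM is the name used in the thread;
 * the bit values here are made up for this model and are not tor's. */
#define ISO_DESTADDR (1u << 0)
#define ISO_STREAM   (1u << 1)
#define MAX_STREAMS  64

struct stream { const char *dest; };   /* one connection to the SOCKS port */
static const char *HOSTS[3] = { "a.example", "b.example", "c.example" }; /* constructed */

/* Streams opened by one page load: with keep-alive, conns_per_host reused
 * connections per host; without it (0), every request is its own stream. */
static int page_streams(struct stream *out, int requests, int conns_per_host)
{
    int n = conns_per_host > 0 ? 3 * conns_per_host : requests;
    if (n > MAX_STREAMS) n = MAX_STREAMS;
    for (int i = 0; i < n; i++) out[i].dest = HOSTS[i % 3];
    return n;
}

/* Two streams may share a circuit only if no enabled flag separates them. */
static int may_share(const struct stream *a, const struct stream *b, unsigned flags)
{
    if (flags & ISO_STREAM) return 0;            /* one circuit per stream */
    if ((flags & ISO_DESTADDR) && strcmp(a->dest, b->dest) != 0) return 0;
    return 1;
}

/* Place each stream on the first circuit it may share; count circuits built. */
static int circuits_needed(const struct stream *s, int n, unsigned flags)
{
    int first[MAX_STREAMS], ncirc = 0;           /* first stream on each circuit */
    for (int i = 0; i < n && i < MAX_STREAMS; i++) {
        int placed = 0;
        for (int c = 0; c < ncirc && !placed; c++)
            placed = may_share(&s[first[c]], &s[i], flags);
        if (!placed) first[ncirc++] = i;
    }
    return ncirc;
}

int main(void)
{
    struct stream s[MAX_STREAMS];
    int n = page_streams(s, 30, 2);   /* 30 requests over 6 kept-alive connections */
    printf("%d streams -> %d circuits with ISO_STREAM\n", n, circuits_needed(s, n, ISO_STREAM));
    return 0;
}
```

In this model keep-alive caps the per-stream cost at the number of connections the client keeps open, while a client that opens one connection per request builds one circuit per request.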
I ask a similar question. Show me a simple example in C of communication (sending and receiving a message) only inside the onion net.
Maybe this is possible in this implementation now. I'm ready to write this, but show me the first step.