Here's the line about unacceptability of crawling .onion:
"For example, it is not acceptable to run an HSDir, harvest onion addresses, and do a Web crawl of those onion services."
https://trac.torproject.org/projects/tor/wiki/org/meetings/2015SummerDevMeet...
So, this can indeed be an official policy. But it was the first I had heard of it. And currently at least 3-4 tor2web nodes in good-standing explicitly permit crawling of .onion .
----------------------
Teor: Apologies for being dumb, but can you explain why it's bad for tor2web-nodes to connect to single-onion services? Both Tor2web and Single-onion say IN BIG BOLD LETTERS that using these remove your anonymity. Given that these are intentionally meant to be "expert features" for people who know what they are doing, I don't immediately see a concern sufficiently large that it merits special handling. Can you enlighten me?
-V
On Fri, May 6, 2016 at 5:36 PM, Tim Wilson-Brown - teor teor2345@gmail.com wrote:
On 6 May 2016, at 19:30, Tim Wilson-Brown - teor teor2345@gmail.com wrote:
On 6 May 2016, at 14:53, Virgil Griffith i@virgil.gr wrote:
I've received conflicting accounts as to whether the ethics guidelines require onionsites are to be opt-in [no spec yet?] or the current opt-out [i.e., /robots.txt].
... There's one important exception to this general principle: Single Onion Services. To avoid creating one-hop proxies, tor2web should not allow access to a single onion service. We'e yet to arrive at a mechanism to make this happen, but I think we will end up adding a line to the onion service descriptor. We could make this a configuration parameter (AllowTor2Web?) that defaults to 1 for hidden services, and 0 for single onion services. https://trac.torproject.org/projects/tor/ticket/17945
After re-reading the ticket, there is another way to implement this feature without providing a generic method for onion services to block tor2web:
The rendezvous point (and possibly the introduction point) could terminate the connection if it has a single hop on both ends. However, this could result in false positives if the consensus gets out of sync.
Or is there a reliable way for a relay to detect non-relays without using the consensus?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP 968F094B ricochet:ekmygaiu4rzgsk6n
tor-project mailing list tor-project@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project