Thank you very much, interesting. So I could block URLs but not on deep packet inspection?
Markus
2016-10-04 22:04 GMT+02:00 Roger Dingledine arma@mit.edu:
On Tue, Oct 04, 2016 at 09:55:01PM +0200, Markus Koch wrote:
Everyone is running a reduced exit policy ... I only allow HTTP + HTTPS and I know nobody who allows port 25 .... at the end of the day we all shape our exit traffic.
Choosing what to do with your traffic based on headers is fundamentally different, legally, than choosing what to do with it based on payload.
In the US, it's the difference between the "pen register" category and the "wiretap" category. I imagine there are similar terms in many other countries.
In the telephone metaphor (which is what many of these laws are fundamentally based on), it's the difference between "I won't let you call Germany" and "when you call Germany, I'll cut the connection if you start talking about surveillance".
You'll notice that all of the Tor mechanisms for limiting abuse work on the header level, not the payload level.
--Roger
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays