Upon occasion, I see very long sequences of info-level log messages to the effect that an exit stream has failed the exit policy. Is there any good reason why a relay should not return a DESTROY cell on a circuit whose exit connection attempts have failed the exit policy some threshold number of times? After all, the exit policy is published information. Anyone making repeated attempts to violate it is either doing so in ignorance of a recent change to the exit policy, perhaps not yet propagated to the client causing the problem, or is doing so as some sort of cracking attempt. It seems to me that killing a circuit in this situation is appropriate to minimize waste of Tor network resources. Any thoughts on this?

Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************