[tor-bugs] #18267 [- Select a component]: Enable Exit Policy by Autonomous System Numbers

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Feb 7 08:34:08 UTC 2016 

#18267: Enable Exit Policy by Autonomous System Numbers
--------------------------------------+-----------------
     Reporter:  naif                  |      Owner:
         Type:  defect                |     Status:  new
     Priority:  Medium                |  Milestone:
    Component:  - Select a component  |    Version:
     Severity:  Normal                |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |    Sponsor:
--------------------------------------+-----------------
 This ticket is to improve Tor in a way to enable Exit Policy to be able to
 accommodate AS numbers, other than just IP addresses/netblocks and ports.

 This requirements come up when measuring how to make a Tor Exit Relay that
 enable connections only to high traffic, but very likely not abuse-
 generating, websites of major internet destinations.

 Assuming that i may wish to make a Tor Exit nodes only for those
 destinations where we know there's high traffic to be routed trough the
 Tor Network, but with a limited risks of ISP/Provider takedown due to
 those large corporations not being automatic-abuse-generating, i tried to
 collect the numbers of AS for each of the following:
 Google (17 AS)
 Facebook (1 AS)
 Twitter (3 AS)
 Microsoft (28 AS)
 Yahoo (59 AS)
 Wikipedia (3 AS)
 Linkedin (9 AS)
 Github (1 AS)
 Cloudflare (5 AS)

 The amount of netblocks part of those AS are a lot and i don't think they
 will fit the Exit Policy. When it has been tried to load the list of all
 Italian netblocks (like at #993), weird things happened and it basically
 didn't worked out.

 If Tor servers and clients would become AS-aware, then it would be
 possible to run a Tor Exit node, deciding to refine an exit policy for
 very-limited-liability and very-limited-abuse-generating-setup that could
 probably make it easier to run Tor also on my home broadband line (not
 being abuse generating destinations, my home ISP won't cut me the
 subscription!).

 That's something that could become a brick of a building block to reach a
 point where the end-user (Tor Browser users) maybe able to route some
 traffic out by default (ex: route only the top target AS destinatation
 that would dynamically enable to offload the "bulk-but-not-abuse-
 generating" network traffic)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18267>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list