[tor-bugs] #23637 [Core Tor/Tor]: Make exit flag depend on ports 80 and 443, not 6667

Mon Sep 25 05:10:39 UTC 2017

#23637: Make exit flag depend on ports 80 and 443, not 6667
--------------------------+------------------------------
 Reporter:  arma          |          Owner:  (none)
     Type:  enhancement   |         Status:  needs_review
 Priority:  Medium        |      Milestone:
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------

Comment (by arma):

 Replying to [comment:3 cypherpunks]:
 > if there are exits that don't want to pass insecure connections (using
 443 and 6667 as a workaround)

 The trouble is that using 443 and 6667 *isn't* a workaround. For clients
 who browse the web using both 80 and 443, if they get an exit that only
 does 443, they need to get a second exit that does 80, for that same
 interaction. Suddenly they have way more exposure for that interaction
 than they needed to have.

 Pointing back to #22820: the main effect of the Exit flag is to help with
 load balancing. It makes clients choose that relay less (currently never)
 for non-exit positions in their circuits. Whereas the presence or absence
 of the Exit flag *doesn't* prevent clients from building circuits that
 exit from that relay -- that choice depends on the streams that the client
 is trying to handle, and the exit policy of each relay they're
 considering.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23637#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online