141: exit policy summary

Peter Palfrader peter at palfrader.org
Mon Aug 11 20:10:01 UTC 2008

The current plan is:

  The consensus document will once again be extended to contain the
  information required by clients.  This information will be a summary
  of each node's exit policy.  The exit policy summary will only contain
  the list of ports to which a node exits to most destination IP

  A summary should claim a router exits to a specific TCP port if,
  ignoring private IP addresses (link and site local per RFC3300), the
  exit policy indicates that the router would exit to this port to any
  IP address with the exception of at most 2^25 single addresses (That's
  either two /8 netblocks, or one /8 and a couple of /12s or any other

  An exit policy summary will be included in votes and consensus as a
  new line attached to each exit node.  A lack of policy should indicate
  a non-exit policy.  The line will have the format
   "p" <space> "accept"|"reject" <portlist>
  where portlist is a comma separated list of single port numbers or
  portranges (e.g.  "22,80-88,1024-6000,6667").  Whether the summary
  shows the list of accepted ports or the list of rejected ports depends
  on which list is shorter (has fewer elements).  In case of ties we
  choose the list of accepted ports.

  Similarly to IP address, ports, timestamp, and bandwidth a consensus
  should list the exit policy matching the descriptor digest referenced
  in the consensus document.

3.4.1 Client behaviour

  When choosing an exit node for a specific request a Tor client will
  choose from the list of nodes that exit to the requested port as given
  by the consensus document.  If a client has additional knowledge (like
  cached full descriptors) that indicates the so chosen exit node will
  reject the request then it MAY use that knowledge (or not include such
  nodes in the selection to begin with).  However, clients MUST NOT use
  nodes that do not list the port as accepted in the summary (but for
  which they know that the node would exit to that address from other
  sources, like a cached descriptor).

  An exception to this is exit enclave behaviour: A client MAY use the
  node at a specific IP address to exit to any port on the same address
  even if that node is not listed as exiting to the port in the summary.

Should we get much better ideas for summaries later on we can always
build one with a new consensus method number I suppose.
                           |  .''`.  ** Debian GNU/Linux **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/
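The summary construction (the "at most 2^25 excluded addresses" rule, the shorter-list choice with ties going to "accept") and the client-side check from 3.4.1, as an added worked example in Python; this is not code from the proposal, from this message, or from Tor itself. It assumes IPv4 descriptor-style policy lines such as "accept *:80" and "reject 18.0.0.0/8:*", that a policy ends with an implicit "reject *:*", and that the ignored private space is the RFC 1918 blocks plus the 169.254.0.0/16 link-local block; the sample policies and ports are constructed.

```python
"""Build a Tor-style exit policy summary ("p accept|reject <portlist>") from
a descriptor exit policy, and evaluate a summary the way a client would."""
import ipaddress
from functools import lru_cache

# Assumed set of "private" ranges that the summary ignores.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # site-local (RFC 1918)
    "169.254.0.0/16",                                  # link-local
)]
MAX_EXCLUDED = 2 ** 25          # a port still counts as "exit" with this many rejected addresses
ALL_IPV4 = (0, 2 ** 32 - 1)


def parse_rule(line):
    """'accept 18.0.0.0/8:80-88' -> ('accept', first_addr, last_addr, (80, 88))."""
    action, target = line.split()
    addr, port = target.rsplit(":", 1)
    net = ipaddress.ip_network("0.0.0.0/0" if addr == "*" else addr, strict=False)
    if port == "*":
        ports = (1, 65535)
    elif "-" in port:
        lo, hi = port.split("-")
        ports = (int(lo), int(hi))
    else:
        ports = (int(port), int(port))
    return action, int(net.network_address), int(net.broadcast_address), ports


def subtract(lo, hi, decided):
    """Return the parts of [lo, hi] not covered by any (non-overlapping) interval in decided."""
    pieces = [(lo, hi)]
    for dlo, dhi in decided:
        remaining = []
        for plo, phi in pieces:
            if dhi < plo or dlo > phi:          # disjoint: keep whole piece
                remaining.append((plo, phi))
                continue
            if plo < dlo:                       # keep left overhang
                remaining.append((plo, dlo - 1))
            if phi > dhi:                       # keep right overhang
                remaining.append((dhi + 1, phi))
        pieces = remaining
    return pieces


@lru_cache(maxsize=None)
def _excluded_count(matching):
    """Count addresses rejected by a first-match rule chain, skipping private space.
    `matching` is a tuple of (action, first_addr, last_addr) for one port."""
    decided = [(int(n.network_address), int(n.broadcast_address)) for n in PRIVATE_NETS]
    rejected = 0
    for action, lo, hi in matching:
        for slo, shi in subtract(lo, hi, decided):   # only not-yet-decided addresses count
            decided.append((slo, shi))
            if action == "reject":
                rejected += shi - slo + 1
    return rejected


def port_is_exit(rules, port):
    """True if the router exits to `port` for all but at most 2^25 (non-private) addresses."""
    matching = tuple((a, lo, hi) for a, lo, hi, (plo, phi) in rules if plo <= port <= phi)
    return _excluded_count(matching + (("reject",) + ALL_IPV4,)) <= MAX_EXCLUDED


def compress(ports):
    """Sorted port list -> ('22,80-88', number_of_elements)."""
    ranges = []
    for p in ports:
        if ranges and ranges[-1][1] == p - 1:
            ranges[-1][1] = p
        else:
            ranges.append([p, p])
    text = ",".join(str(a) if a == b else f"{a}-{b}" for a, b in ranges)
    return text, len(ranges)


def summarize(policy_lines):
    """Return the 'p ...' line for a policy, or None for a non-exit (no port qualifies)."""
    rules = [parse_rule(line) for line in policy_lines]
    accepted = [p for p in range(1, 65536) if port_is_exit(rules, p)]
    if not accepted:
        return None
    rejected = sorted(set(range(1, 65536)) - set(accepted))
    acc_text, acc_n = compress(accepted)
    rej_text, rej_n = compress(rejected)
    if acc_n <= rej_n:                  # shorter list wins; ties go to "accept"
        return f"p accept {acc_text}"
    return f"p reject {rej_text}"


def parse_summary(line):
    """'p accept 22,80-88' -> ('accept', {22, 80, ..., 88})."""
    _, kind, portlist = line.split()
    ports = set()
    for item in portlist.split(","):
        lo, _, hi = item.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return kind, ports


def summary_allows(line, port):
    """Client rule from 3.4.1: select a node for `port` only if the summary lists it as accepted."""
    kind, ports = parse_summary(line)
    return port in ports if kind == "accept" else port not in ports


# Constructed sample policy: port 22 is refused to a /2 (2^30 addresses, over the limit),
# one whole /8 is refused for every port (2^24 addresses, within the limit).
SAMPLE_POLICY = [
    "reject 192.168.0.0/16:*",   # private space, ignored by the summary
    "reject 18.0.0.0/8:*",
    "reject 128.0.0.0/2:22",
    "accept *:22",
    "accept *:80",
    "accept *:443",
    "reject *:*",
]

if __name__ == "__main__":
    line = summarize(SAMPLE_POLICY)
    print(line)                                    # p accept 80,443
    print(summary_allows(line, 443), summary_allows(line, 22))
```

The cache on `_excluded_count` keeps the per-port scan cheap: every port that matches the same rule chain shares one evaluation, so walking all 65535 ports costs only a handful of interval computations.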
