Proposal 150: Exclude Exit Nodes from a circuit

Nick Mathewson nickm at
Fri Jul 11 19:12:30 UTC 2008

On Sat, Jul 05, 2008 at 11:47:32AM +0200, M Fr wrote:
 [as reformatted in svn.]
> Filename: 150-exclude-exit-nodes.txt
> Title: Exclude Exit Nodes from a circuit
> Version: $Revision: 15695 $
> Author: Mfr
> Created: 2008-06-15
> Status: Draft
> Overview
>    Right now, Tor user can manually exclude a node of all the part of
>    circuits created using the directive ExcludeNodes.  
>    This proposal makes this exclusion, less restrictive, allowing to 
>    exclude a node only on the exit part of a circuit.

This has decent applications, and a number of people seem to want it.
There are some risks to using the feature badly, but they don't seem

I'm going to mark this proposal accepted, clean up the english a
little, and add a new Risks section at the bottom, as follows:


   Use of this option can make users partitionable under certain attak
   assumptions.  However, ExitNodes already creates this possibility,
   so there isn't much increased risk in ExcludeExitNods.

   We should still encourage people who exclude an exit node because
   of bad behavior to report it instead of just adding it to their
   ExcludeExit list.  It would be unfortunate if we didn't find out
   about broken exits because of this option.  This issue can probably
   be addressed sufficiently with documentation.


More information about the tor-dev mailing list