Proposal 150: Exclude Exit Nodes from a circuit
nickm at freehaven.net
Fri Jul 11 19:12:30 UTC 2008
On Sat, Jul 05, 2008 at 11:47:32AM +0200, M Fr wrote:
[as reformatted in svn.]
> Filename: 150-exclude-exit-nodes.txt
> Title: Exclude Exit Nodes from a circuit
> Version: $Revision: 15695 $
> Author: Mfr
> Created: 2008-06-15
> Status: Draft
> Right now, Tor user can manually exclude a node of all the part of
> circuits created using the directive ExcludeNodes.
> This proposal makes this exclusion, less restrictive, allowing to
> exclude a node only on the exit part of a circuit.
This has decent applications, and a number of people seem to want it.
There are some risks to using the feature badly, but they don't seem
I'm going to mark this proposal accepted, clean up the english a
little, and add a new Risks section at the bottom, as follows:
Use of this option can make users partitionable under certain attak
assumptions. However, ExitNodes already creates this possibility,
so there isn't much increased risk in ExcludeExitNods.
We should still encourage people who exclude an exit node because
of bad behavior to report it instead of just adding it to their
ExcludeExit list. It would be unfortunate if we didn't find out
about broken exits because of this option. This issue can probably
be addressed sufficiently with documentation.
More information about the tor-dev