Control Spec Addition First Draft
hahn.seb at web.de
Thu Mar 4 02:52:20 UTC 2010
my comments inline below.
On Jan 24, 2010, at 1:58 AM, Damian Johnson wrote:
> Hi all. This proposal doesn't seem to be going anywhere so thought I
> should give it one last nudge before moving on to more worthwhile
> work. The issue's sticking point seems to be a difference of opinion
> about what constitutes relay evilness. Nick, Jake, and Sebastian all
> believe in a hard line stance against any retrieval of connection
> information (netstat, lsof, etc). I disagree, and think this is
> harmless unless stored or communicated. Unless this can be resolved
> I think it's obvious the proposal isn't going anywhere.
> Please note that I'm discussing relay to relay connections at the
> moment. If we can't even agree on that then client and exit
> connections are a moot point (and besides, I agree they should
> definitely be hidden from relay operators - personally I think it's
> the responsibility of client applications like vidalia and arm to
> scrub this data, but that's a different discussion...).
This seems to change the original intent of the proposal, which was
(afaiui) to get a listing of all connections from Tor. I wouldn't mind
doing that at all. It does, however, depend on the implementation of
proposal 163 (detecting clients), because otherwise Tor itself cannot
reliably differentiate in all cases.
> Just to be clear I agree this proposal should be killed if it poses
> a threat to Tor users. However, I don't believe it does and still
> have yet to hear an example of any sort of threat it aggravates.
> Without that I'm a bit puzzled at the source of objections. If the
> chief issue is legal or not wanting to risk the appearance of
> supporting snooping that's fine (strikes me as political posing if
> there's no actual benefits to users, but cest la vi).
If you change it to be explicit about the fact that you do not want to
show exit/guard connections, I think this would be ok. It needs to be
actually spelt out, though.
> My bias is toward safety for relay operators and I'm glad to see
> others biased toward user privacy pushing back. Hopefully we'll be
> able to find something acceptable to all parties concerned but if
> not it won't be the end of the world. Cheers! -Damian
Just to see if others are interested in moving this along, or if
everyone wants to kill it.
More information about the tor-dev