[tor-dev] Advice regarding Cloudflare

Ryan Carboni ryacko at gmail.com
Sun Apr 3 07:37:45 UTC 2016

> (as opposed to the people that seem to think that Exits
> should actively combat abuse by having the capability for censorship).
Well, a large number of exit nodes already have the capability for a
man-in-the-middle attack. This capability could very well be a default

 b) In your magic world, how would accessing any site that uses
>     multiple hosts for content to work?
Yes, yes. It is you who is being imposed upon, not Cloudflare, not the
businesses that serve content. In my magic world, people produce things for

This might seem patronizing, but you seem genuinely ignorant. Cloudflare
runs a business. They also get paid for it. That business is to protect
email addresses from scrapes, and so forth. If they tell their customers
that malicious actors can do those things, but only through Tor, because
Tor does good work, their customers will take their business elsewhere.

In a libertarian world, people can bar entry to their property from people
who seem suspicious. You do not believe that Cloudflare should be allowed
to bar entry out of some egocentric concern.

By any reasonable definition of ethics, one must find a middle ground, and
essentially, Cloudflare has all the negotiating power, unless you plan on
personally battering down the doors of Cloudflare.

A good step would be to ask Cloudflare for statistics on Tor misuse.

Perhaps a maximum of 63 domain names (forgot Cloudflare only has a dozen
IPs) per Tor circuit could be done.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160403/7c505d18/attachment.html>

More information about the tor-dev mailing list