[tor-relays] new relays

Andrea Shepard andrea at torproject.org
Sat Aug 31 04:32:31 UTC 2013 

On Sat, Aug 31, 2013 at 12:27:22AM -0400, grarpamp wrote:
> On 8/30/13, Andrea Shepard <andrea at torproject.org> wrote:
> > On Tue, Aug 27, 2013 at 11:08:34AM -0500, Jon Gardner wrote:
> >> Then why have exit policies? Exit nodes regularly block "unwelcome"
> >> traffic
> >> like bittorrent, and there's only a slight functional difference between
> >> that
> >> and using a filter in front of the node to block things like porn
> >
> > There's a considerable functional difference: an exit policy is a defined
> > list of specific hosts and ports to accept/reject, and it's advertised in
> > the exit's descriptor.  Your client can just pick a different exit node
> > if the connection it wants to make is not permitted by a given exit's
> > policy.
> > A "porn filter" is inherently fuzzy and unpredictable, so couldn't be
> > implemented without breaking clients trying to use that node.  Filtering
> > traffic other than as declared by your exit policy should and will get your
> > exit the BadExit flag.
> 
> 
> This is why we need to implement extended exit flags for exits that want
> to run post-exit filtering/enhancement policies, say for example
>   "noporn"
> that way we can get all the religious groups dumping their tithes into
> not just beaming reruns of the 700 club around the world, but a pile of
> uber fast exits too.

What a disastrous notion; the exit policy system works because clients can
predict in advance whether an exit will pass a given connection; it depends
only on the destination host/port.  That could never be the case for any
of these.

> And how about
>  "novirus" delivered by microsoft
>  "doublesyourcoins" propped up by the donations of fools
>  "trusted" run by legit governments

Oh, please, do tell where you expect to find a 'legit' government and why
one should 'trust' it?

-- 
Andrea Shepard
<andrea at torproject.org>
PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF  DE79 A4FF BC34 F01D D536
PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5  DF7E 4191 13D9 D0CF BDA5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 324 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20130830/567a77c6/attachment.sig>

More information about the tor-relays mailing list