[tor-relays] Simplifying ExoneraTor
josh at tucker.wales
josh at tucker.wales
Tue Jul 7 07:01:17 UTC 2015
> On 7 Jul 2015, at 07:48, Karsten Loesing <karsten at torproject.org> wrote:
>
>> On 07/07/15 03:45, teor wrote:
>>
>>>> On 7 Jul 2015, at 09:46 , josh at tucker.wales wrote:
>>>>
>>>> From the perspective of someone investigating abuse, I think
>>>> it's important that 'not an exit relay' means 'not capable of
>>>> exiting on any port at all'. Ergo I think your option c) is the
>>>> way to go.
>>>
>>> I also think this (c) is the best option. I agree that it's
>>> important to be able to determine, from an investigatory
>>> perspective, whether or not a relay was capable of exiting on any
>>> port.
>
> Okay, let's do c).
>
>> And, if we are going to implement "Exit" as any port, it should
>> also be *any* IP, not just an IPv4 /8 as in the Ext flag
>> definition.
>
> For c), we'd just check if there's a "p reject 1-65535" line or not.
>
I think this is a perfectly OK way of doing this considering the use case.
> Here's the updated design mockup:
>
> https://people.torproject.org/~karsten/volatile/exonerator-mockup/
Looks great Karsten, good job!
Regards,
Joshua Lee Tucker
@tuckerwales
More information about the tor-relays
mailing list