[tor-relays] Exit flag and port 6667 vs 6697
teor
teor2345 at gmail.com
Wed Jul 5 03:08:43 UTC 2017
> On 5 Jul 2017, at 10:36, Igor Mitrofanov <igor.n.mitrofanov at gmail.com> wrote:
>
>> Port numbers and TLS ore orthogonal: port 443 can be used for cleartext,
>> and port 80 for encrypted traffic. In the case of IRC, it's quite common
>> for 6667 to be used with TLS.
>
> When a relay operator uses exit policies, I believe they express an
> intent to block certain types of applications, and not just ports
> those applications typically run on. They mean to block HTTP when they
> block port 80, and they mean to allow HTTPS when they allow port 443.
> Exit relay who use anything but "accept *:*" engage in
> application-level traffic censorship to balance their risk with their
> contribution (if this is not a form of censorship, what are exit
> policies really for?).
This is a complex question that has been asked before.
To summarise: Exit policies exist to make it possible to run an exit that
allows clients access to most websites. The alternative is that the Tor
network just doesn't have enough exit capacity or diversity to help people.
Search the mailing lists for previous discussions.
> Both port-based exit policies, designed when ports meant much more
> than they do today, and the definition of the exit flag, seem
> obsolete. Ports no longer allow Tor users or relay operators to manage
> their risks well, and the exit flag policy does not allow the Tor
> community to protect the network against P2P abuse and optimize it in
> any meaningful way.
>
> For example, as a Tor user, how can I express my desire to only use
> exit nodes that refuse to see any plaintext traffic - where's that
> checkbox in the Tor browser? As an exit relay operator, how can I
> minimize the abuse risks often associated with insecure protocols? As
> a member of the Tor community, how can I understand why making
> _historically_-plaintext traffic on port 6667 (as opposed to usually
> encrypted traffic on ports 993, 995, 587, 6697) part of the minimum
> contribution is optimal for the network?
>
> Long-term, I believe that Tor will need to move away from port-based
> policies to standard / verified / signed deep-packet-inspection
> plugins.
Depp packet inspection has legal implications in many jurisdictions.
And it's less safe for users to deploy DPI tools on every relay.
> I do have a short-term proposal though (below).
>
>> The current Exit flag requires 2 ports out of [80, 443, 6667].
>> Can you clarify what the two options are that you are suggesting here?
>
> For starters, I would propose making it possible to run an Exit node
> without relaying traffic to ports designed to carry insecure
> protocols. That would mean a change as simple as "two ports from [80,
> 443, 6667-OR-6697]".
I opened a ticket for this:
https://trac.torproject.org/projects/tor/ticket/22820
But it needs someone to write a proposal, and then a discussion period.
For examples, see:
https://gitweb.torproject.org/torspec.git/tree/proposals
> Later, I would ask the Tor project to study the
> traffic (by port numbers) and re-examine the port-based exit policy
> system in general.
This is a complex question that needs further research, and good legal
resources across multiple jurisdictions. We'd love to make it better,
but it's going to be slow to change for those reasons.
T
--
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170705/b7c4f9b8/attachment-0001.sig>
More information about the tor-relays
mailing list