[tor-relays] Running relays in universities? Exit nodes, perhaps? Please share your experience!

Tue Apr 17 17:36:29 UTC 2018

TL;DR - Have you got official permission to operate Tor exit nodes
      	within an university campus/network? Relay nodes, even? Please
      	share me how this permission was achieved! (or even if it was
      	denied, please tell me!)

Hi,

I know this list is mostly technical in nature, so sorry for
presenting a very different kind of topic here; I will send a very
similar message to the tor-teachers list, but I believe the population
of this list to be interesting..

I am trying to get my university's (Universidad Nacional Autónoma de
México) OK to run an exit node from our campus' network. I currently
operate one relay, am willing to set up some extra relays, and have at
least one colleague in a different research institute with a relay of
his own, but I believe we should aim for exit nodes.

Now, I don't want to set it up in a rogue fashion, as I'm sure that
the university's NOC or CERT would not take long to get complaints and
require me to shut it down. I have already made an official request
for the permission to run an exit node and (as expected) it was turned
down. Quoting (translation mine) the reasons for rejection,

   1. This assignation is not factible because the Tor network is not
      compatible with the Acceptable Usage Policies of RedUNAM, being
      this infrastructure oriented to the service of institutional
      goals.

   2. While the Tor network can have reseearch purposes, due to its
      nature and the hiding of IPv4 addresses and anonymous
      connectivity, it is susceptible to be used by third parties from
      outside the University with purposes conflicting with those
      specified in item 1, without any possibility of control or
      regulation from the University's part or from your project.

   3. Even more so: The Tor network, due to its definition and
      structure, can potentially incorporate third people with
      malicious or even delictive intentions, which would affect not
      only the computers or networks in your Institute or all of the
      University, but also networks outside the institution's control

So, I want to gather experiences from operators in different
universities or research institutions. Which way did you have to
argue? How hard was to get this OK? Did you ask a permission for a
specific project, or as part of your networking infrastructure in
general? Did you ask this before setting up the exit node, or as a
"fait accompli" gathering not-too-ill results for a given time period?

Any help and pointers are welcome!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180417/35cafc42/attachment.sig>