Reliability of circuit extension if target server is running a Tor exit node

Fabian Keil freebsd-listen at fabiankeil.de
Tue Jul 11 15:12:04 UTC 2006


Roger Dingledine <arma at mit.edu> wrote:

> On Mon, Jul 10, 2006 at 09:39:05PM +0200, Fabian Keil wrote:
> > I read on <http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers>:
> > 
> > |Tor does provide a partial solution in a very specific situation, though.
> > |When you make a connection to a destination that also runs a Tor server,
> > |Tor will automatically extend your circuit so you exit from that circuit.
> > 
> > How reliably is this supposed to work? For me it is working most of the time,
> > but quite often I get:
> > 
> > A foreign exit node is used for the first HTTP request,
> > the following requests use one of my own nodes.
> 
> Correct, that's how it's implemented right now. The reason is that when
> the user types "www.foo.com" into their browser, Tor has no idea what its
> IP address is, so it doesn't know that your Tor server is the same place.
> 
> We could always resolve every site first, just in case it's at the
> same place as an exit node, but in most cases this would be a wasted
> round-trip.
> 
> So we assume that the first request is just the front-page, and probably
> not really sensitive. And then once we've cached the IP address for the
> destination, future requests become smarter.
> 
> It seemed like a good trade-off at the time. If it's a destination that
> is really sensitive, you can add a MapAddress line to your torrc.
> 
> Are there important example scenarios where this behavior is really
> dangerous?

Not that I know of, but I think the exception for the first
request(s) should be mentioned in the FAQ entry anyway.

Fabian
-- 
http://www.fabiankeil.de/
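
Added example, not part of the original message and not Tor's own code: a simplified Python model of the exit choice described in the thread, showing the first request leaving through a foreign exit, later requests using the co-located relay once the IP is cached, and a MapAddress rewrite pinning the exit from the first request on. The relay nicknames, addresses, `ClientModel` and the `hostname.nickname.exit` target form used for the MapAddress entry are assumptions for illustration.

```python
# Simplified model of the behaviour described in the thread; not Tor's code.
# Constructed sample data: relay nickname -> IP (documentation address ranges).
RELAYS = {"foreignexit": "198.51.100.7", "myserver": "203.0.113.10"}
# Constructed DNS answer: the destination shares its IP with relay "myserver".
DNS = {"www.foo.com": "203.0.113.10"}


class ClientModel:
    def __init__(self, relays, map_address=None, default_exit="foreignexit"):
        self.relays = relays
        # torrc-style rewrites, e.g. {"www.foo.com": "www.foo.com.myserver.exit"}
        self.map_address = map_address or {}
        # Stand-in for whatever exit ordinary path selection would pick.
        self.default_exit = default_exit
        self.dns_cache = {}  # hostname -> IP learned from earlier requests

    def pick_exit(self, host):
        target = self.map_address.get(host, host)
        if target.endswith(".exit"):
            # "host.nickname.exit": the label before ".exit" names the relay.
            return target[: -len(".exit")].rsplit(".", 1)[-1]
        ip = self.dns_cache.get(host)
        for nickname, addr in self.relays.items():
            if ip is not None and addr == ip:
                return nickname  # destination is co-located with this relay
        return self.default_exit  # IP unknown: no way to match a relay yet

    def request(self, host):
        exit_used = self.pick_exit(host)
        # The exit resolves the name; the client caches the answer afterwards.
        self.dns_cache[host] = DNS[host]
        return exit_used


def demo():
    plain = ClientModel(RELAYS)
    pinned = ClientModel(RELAYS, {"www.foo.com": "www.foo.com.myserver.exit"})
    return {
        "plain": [plain.request("www.foo.com") for _ in range(3)],
        "pinned": [pinned.request("www.foo.com") for _ in range(3)],
    }


if __name__ == "__main__":
    print(demo())
```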