Protecting exit-nodes by GeoIP based policy

Enrico Scholz enrico.scholz at informatik.tu-chemnitz.de
Sun Sep 10 21:58:11 UTC 2006


Hello,

I just had an idea which can help to protect exit-nodes against some
kinds of legal prosecution. Basically, it would be a policy for Tor servers
which says "do not connect into country XY". Such a rule does not increase
anonymity but would require that legal actions (e.g. confiscations) must
be performed in a country other than the one where the crime happened. This
is a much higher hurdle, especially for lower delinquencies.

I see two steps in which this policy can be implemented:

A. On client side

 1. add a new option, e.g. 'Jurisdiction' with possible values of
    * 'other'  ... when set, do not use an exit-node when it is the same
                   jurisdiction as the target-ip; this should be the
                   default on new installations
    * 'same'   ... use an exit-node only, when it is in the same
                   jurisdiction (just for completeness...)
    * 'ignore' ... ignore jurisdiction (same behavior as now)
    * a country code  ...  use only exit-nodes within this country; a
                   negated format should exist too

 2. when choosing a path, use only exit-nodes which follow the
    constraint above


B. On (exit-)node side

 1. add a new option, e.g. 'JurisdictionPolicy' which accepts country
    codes and perhaps special values like '%same'. Behavior is similar
    to the client side option mentioned above

 2. Tor protocol/meta data must be changed to transmit this option

 3. node forbids connections which violate the policy


The decision whether a node and a target are in the same jurisdiction can
be done e.g. by a GeoIP like service. A problem might be the license:
GeoIP is GPL, Tor is BSD. Dunno whether the database can be used freely
and Tor has to implement its own parsing routines. Perhaps similar projects
exist.



Enrico
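
The client-side 'Jurisdiction' option from part A, sketched as an added example (not part of the original post and not Tor code). The GeoIP table is constructed from documentation address ranges, the `!` prefix for a negated country code is a hypothetical syntax, and treating an unknown country as a policy failure is an assumption the post does not address.

```python
import ipaddress

# Constructed GeoIP table: documentation ranges mapped to arbitrary country codes.
GEOIP = [
    (ipaddress.ip_network("192.0.2.0/24"), "de"),
    (ipaddress.ip_network("198.51.100.0/24"), "us"),
    (ipaddress.ip_network("203.0.113.0/24"), "nl"),
]

def country_of(ip):
    """Return the country code for ip, or None if the table has no entry."""
    addr = ipaddress.ip_address(ip)
    for net, cc in GEOIP:
        if addr in net:
            return cc
    return None

def exit_allowed(jurisdiction, exit_ip, target_ip):
    """Apply the proposed 'Jurisdiction' value to one exit/target pair."""
    if jurisdiction == "ignore":
        return True
    exit_cc, target_cc = country_of(exit_ip), country_of(target_ip)
    if jurisdiction in ("other", "same"):
        # Assumption: if either side cannot be located, fail closed,
        # because the policy cannot be shown to hold.
        if exit_cc is None or target_cc is None:
            return False
        return (exit_cc == target_cc) == (jurisdiction == "same")
    # Remaining values: a country code, optionally negated with '!'
    # (hypothetical syntax for the "negated format" the post asks for).
    if exit_cc is None:
        return False
    negated = jurisdiction.startswith("!")
    wanted = jurisdiction.lstrip("!").lower()
    return (exit_cc == wanted) != negated

def candidate_exits(jurisdiction, exits, target_ip):
    """Filter the exit list before path selection (step A.2)."""
    return [e for e in exits if exit_allowed(jurisdiction, e, target_ip)]
```

The same `exit_allowed` check, evaluated with the node's own address as `exit_ip`, corresponds to step B.3 on the exit-node side.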