Default ORPort 443 [was: Re: German data rentention law]

Niels Grewe niels.grewe at halbordnung.de
Sun Oct 19 07:35:13 UTC 2008


On Sun, Oct 19, 2008 at 01:44:15AM -0500, Scott Bennett wrote:
> >If nothing else, defaulting to 443 would allow a greater number of 
> >"hotspot" laptops access to TOR from HTTP/S-only networks.
> >
>      Doing that, however, *would* make it rather difficult for the same
> machine--or another machine sharing the same IP address for a NAT'ed LAN
> gateway--to run a web server supporting HTTPS connections.  That alone
> should be sufficient reason not to change the default ORPort to 443.

Besides, opening ports < 1024 usually requires root-privileges,
which could introduce serious security issues if an exploitable
flaw were found in Tor. You can still advertise port 443 as your
ORPort and listen on 9001, but this requires some port-forwarding
magic, which is not entirely feasible for a default
configuration. (But your other reason is sound as well)

just my 2c


Niels



More information about the tor-talk mailing list