Family specifications (was: Re: perfect-privacy.com, Family specifications, etc)
Watson Ladd
watsonbladd at gmail.com
Thu May 20 13:48:16 UTC 2010
On May 20, 2010, at 08:39 AM, Flamsmark wrote:
> On 20 May 2010 07:44, <andrew at torproject.org> wrote:
> If Mallory lists Alice
> and Bob, but neither Alice nor Bob list Mallory, it's not a valid
> Family. Otherwise, Mallory could list every node in the network and
> screw everyone.
>
> Why would this screw everyone? I admit that I don't fully understand how families are implemented, however, this doesn't seem sensible to me. Under a scheme which allowed ``one-sided family declarations'' this doesn't seem to be the ideal behaviour. If Mallory lists all the nodes in the network, then this should prevent all the paths which have Mallory somewhere in them, but not paths which avoid her entirely. An aggressive family declaration by Mallory only prevents her from getting traffic, without impacting the rest of the network.This would seem to be the only sensible way to implement ``one-sided family declarations'', to prevent exactly the problem described.
The problem I see with this is that it requires some foresight and backtracking in the creation of tunnels, which will add to network strain, unless someone can suggest a way to plan out the tunnels ahead of time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20100520/2a055e2e/attachment.htm>
More information about the tor-talk
mailing list