[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?



Thus spake grarpamp (grarpamp@xxxxxxxxx):
 
> Exit policy is currently at the operator's pleasure, need and design.
> If exit policy mandates will help solve some Tor scalability or
> attack vector issues, in a substantive way, from an engineering
> standpoint, fine. But please, don't claim it makes users any more
> 'safe' from sniffing.

I've already addressed the rest of your points.  For the record,
you're just strawmanning here. I never made the claim this was safer.

I cited several engineering reasosn why this type of exit policy
is a pain for us.

I've also made the claim that there is no rational reason to operate
an exit in this fashion, other than to log/monitor/censor traffic or
because of undesirable network conditions, and no one has disputed
that claim.

Morphium gave us a reason, even if it was rather petty and irrational,
so he won't be getting the badexit flag. But for my vote in the
process, any other relay that does not give a reason for this policy,
or that can not give us one because of no contact info, will be
getting the flag. The same goes for exits that we detect RSTing 443,
or censoring 443, or throttling 443, or doing anything else to TLS
connections.

But I only have one vote out of three. Roger and Peter are free to
change their minds. Perhaps we should bring more people on board in
this process, too.

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgp4YBmnWO3j9.pgp
Description: PGP signature