[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #18267 [- Select a component]: Enable Exit Policy by Autonomous System Numbers



#18267: Enable Exit Policy by Autonomous System Numbers
--------------------------------------+-----------------
     Reporter:  naif                  |      Owner:
         Type:  defect                |     Status:  new
     Priority:  Medium                |  Milestone:
    Component:  - Select a component  |    Version:
     Severity:  Normal                |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |    Sponsor:
--------------------------------------+-----------------
 This ticket is to improve Tor in a way to enable Exit Policy to be able to
 accommodate AS numbers, other than just IP addresses/netblocks and ports.

 This requirements come up when measuring how to make a Tor Exit Relay that
 enable connections only to high traffic, but very likely not abuse-
 generating, websites of major internet destinations.

 Assuming that i may wish to make a Tor Exit nodes only for those
 destinations where we know there's high traffic to be routed trough the
 Tor Network, but with a limited risks of ISP/Provider takedown due to
 those large corporations not being automatic-abuse-generating, i tried to
 collect the numbers of AS for each of the following:
 Google (17 AS)
 Facebook (1 AS)
 Twitter (3 AS)
 Microsoft (28 AS)
 Yahoo (59 AS)
 Wikipedia (3 AS)
 Linkedin (9 AS)
 Github (1 AS)
 Cloudflare (5 AS)

 The amount of netblocks part of those AS are a lot and i don't think they
 will fit the Exit Policy. When it has been tried to load the list of all
 Italian netblocks (like at #993), weird things happened and it basically
 didn't worked out.

 If Tor servers and clients would become AS-aware, then it would be
 possible to run a Tor Exit node, deciding to refine an exit policy for
 very-limited-liability and very-limited-abuse-generating-setup that could
 probably make it easier to run Tor also on my home broadband line (not
 being abuse generating destinations, my home ISP won't cut me the
 subscription!).

 That's something that could become a brick of a building block to reach a
 point where the end-user (Tor Browser users) maybe able to route some
 traffic out by default (ex: route only the top target AS destinatation
 that would dynamically enable to offload the "bulk-but-not-abuse-
 generating" network traffic)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18267>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs