[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: more letters from the feds

To: or-talk@xxxxxxxxxxxxx
Subject: Re: more letters from the feds
From: "Anthony DiPierro" <or@xxxxxxxxx>
Date: Sun, 28 Jan 2007 14:23:14 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Sun, 28 Jan 2007 14:23:26 -0500
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=BfMspig1Yjvk95RiOKGSV6e4KU9cTXBO/eOETARyAVz2PuxQCfanLcbXaZ3P4qkAWR2fALFrHeI8kekKe6LtN+i3PImfnpdXv3qBEsFfyv5EDtuw/QmWfTIfTN+3etFJhlNf9lDUD2EjN6IBDAsLFFgjZHfUgoGhMMjI9as1Qyk=
In-reply-to: <20070128012107.GS34817@falcon.eff.org>
References: <20070108111809.GJ6974@leitl.org> <bb1289090701080342h5a1ebcbeg374fe4641361a12b@mail.gmail.com> <200701102028.48519.robert@roberthogan.net> <200701111027.04551.xiando@xiando.com> <45A664F4.9000905@gabrix.ath.cx> <3922422b0701110828v57920d6al59d41705cb98b161@mail.gmail.com> <10177.68.166.4.145.1169914321.squirrel@www.worldofdragonlance.com> <71cd4dd90701271506j5e689fb7j16d579915064299c@mail.gmail.com> <20070128012107.GS34817@falcon.eff.org>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On 1/27/07, Seth David Schoen <schoen@xxxxxxx> wrote:

Anthony DiPierro writes:

> Or what about a hidden service for reading web pages in general?
> Something which doesn't support POST (or maybe even GET), so is much
> less likely to be used abusively.  Is this feasible?

The current directory scheme does allow (in fact, requires) policies
to be specified in terms of IP addresses and TCP port numbers.  So
a "web browsing only" exit node is possible.


A port 80 only exit node is possible.  This isn't the same as an exit
node which can only be used for reading web pages).

A "GET-only" exit node can't be specified with the current directory
system, which isn't capable of expressing any information about what
an node will do with connections to a particular TCP port other than
allow or deny them.  You could make an "HTTP GET only" exit node, but
you wouldn't have a way to tell clients that your node enforced that
policy, and users would probably get mad (and stop using your exit
node entirely) when some of their transactions failed mysteriously.

Yes, exactly.  What you could do, though, is run a hidden service
which provides anonymous "HTTP GET-only" web access, and you wouldn't
have to break any protocols or cause anyone to get mad.  *IF* that
hidden service became popular, it could potentially take a lot of load
off the exit servers.

Anyway, just an idea I was throwing out there.  The big questions are
1) is there enough traffic which consists only of browsing websites to
make it worth it, and 2) are there enough people willing to run "HTTP
GET-only" hidden services to make it worth it?  Personally I'd answer
a resounding "yes" to question 1 in that I use Tor primarily for "HTTP
GET", but as I'm currently on a relatively slow EVDO connection I
couldn't answer "yes" to question 2.

Anthony

References:
- more letters from the feds
  - From: Eugen Leitl
- Re: more letters from the feds
  - From: Alexander Janssen
- Re: more letters from the feds
  - From: Robert Hogan
- Re: more letters from the feds
  - From: xiando
- Re: more letters from the feds
  - From: gabrix
- Re: more letters from the feds
  - From: Ringo Kamens
- Re: more letters from the feds
  - From: patgus
- Re: more letters from the feds
  - From: Anthony DiPierro
- Re: more letters from the feds
  - From: Seth David Schoen

Prev by Author: Re: more letters from the feds
Next by Author: Re: more letters from the feds
Previous by thread: Re: more letters from the feds
Next by thread: Re: more letters from the feds
Index(es):
- Author
- Thread