[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?



----- Original Message ----

> From: Gregory Maxwell <gmaxwell@xxxxxxxxx>
> To: or-talk@xxxxxxxxxxxxx
> Sent: Mon, January 31, 2011 6:47:37 PM
> Subject: Re: Is "gatereloaded" a Bad Exit?
> 
> There are legitimate reasons why tor supports an  operator controlled
> exit policy,  but no real suggestion has been made  for a _legitimate_
> reason to allow 80 and block 443.

Is it possible that some people operate in a port-restricted environment or that 
port 443 is throttled by some ISPs?

My real question concerns the scenario in which a user happens upon an exit that 
blocks HTTPS and uses that exit to access a website that uses a combination of 
HTTP and HTTPS. The HTTPS portion would be forced through a different exit, and 
the server may be programmed to notice the difference and break by design.

For example, say you want to login somewhere, and the server notes that you 
appear to be logging in from France. The HTTPS portion appears to come from the 
United States. That disparity triggers an "I'm sorry..." message.



      
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/