Re: [tor-talk] TorBirdy doesn't work with Gmail?

[tagnaq <tagnaq@xxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

> The issue is that we're scraping 
> http://exitlist.torproject.org/exit-addresses and, for example,
> 50.7.228.92 does not appear in that list. However, it is listed on 
> torstatus.blutmagie.de and apparently it is exiting traffic.

I suppose it is a timing/delay issue since 50.7.228.92 is included in
the current version of
http://exitlist.torproject.org/exit-addresses
now.

> I am not sure how such confusion can arise. Doesn't Tor rely on
> centralised directory servers to find exit nodes? Why would a node
> appear in one list but not another? Is it expected that the
> official exit list is incomplete?

Generally speaking you can never say that a user that is coming from
an IP address that is *NOT* listed as an exit node is *NOT* coming
through Tor.

This is because Tor exit relays might use separate IP addresses on
inbound and outbound traffic.
The inbound address is announced and can be found in the consensus but
the outbound traffic (the one gmail.com will see) is not necessarily
the one that can be found in the consensus if a server is specifically
configured to do so or if he is behind a NAT.

So I would suggest to allow *ANY* IP address as soon as you know that
the actual user specifically opted-in to be a "Tor gmail user" (if the
user completed one of your two options described) - any other approach
will only mean trouble for Tor users on the long run.

thanks for bringing this up here!
tagnaq
-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAlGxxyoACgkQyM26BSNOM7YowwD/bGtkC3mxu1GCackp3r/LoUqq
Ctk1q0OqIsEJ7Hd73Y4A/AqlPAtppZqdgNucIDd4A00eBr6JoAAWRHNod2xtwlHS
=zgs2
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk