[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Surveillance rules, feature suggestion
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Surveillance rules, feature suggestion
- From: "Michael Schmidt" <schmidtm524@xxxxxxxxxxxxxx>
- Date: Sun, 25 Nov 2007 18:39:02 +0100
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 25 Nov 2007 12:39:11 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=KdNzDW5q7B1+nsmgQiG3f1p0KSq8zTzovRvH6mg9rxY=; b=SqR8HvtvNafH9FIgOUw1f7FUFq5yMH1JDv1pRv9m/NzwOqHF6dfeVy2S3LZomGAIqsXC+zqC85FjxmzlzNnZwPmw1WOrWQZU0lzhZsKSpmn6ioU7OIzTsMBpc7QTLw2U9Z9b6Lgp0nVElMmBjvYZj2J6CtbBk8VrifvrEqHUVNA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=avg1e50PjLlOeNwmrbf7w2lIkmELCAPESrjxMO11qDhj0AOEuc6rj2CpIJlaw58wWxt6Ih7KIWlUJhA6R2GSjnjcdKiWhlE/EoOw8qFBIO4xHkSGwAjyCcHgm1y3xrRSgZ9uLCQvCA8bwJTK4y5GAJ+DgCxMsiqKZziPWgjEPvw=
- In-reply-to: <4749AE7C.4050208@xxxxxxxxxxxxxxxx>
- References: <4749AE7C.4050208@xxxxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
this is a good idea, see the thread to do this over f2f,
in your model this is done as well, but you need to make sure, that a middelman-only node NEVER connects to another node, which is any other node in the same law-country,
So the middleman-only-node connecting to another middleman-only-node in germany is redundant, as if one is analyzed, the logs offer as well the other in the same law zone, so the hop is redundant and waste in the point of security.
A german middlenode-only to an german-exit-node is a dead thing !
Only german middlenode-only-peer connecting to ANY kind of node Outside the law area is useful.
the idea to use F2F would allow to have the waste of 2 german middlenodes broken, which means this is helpful to have both or more hops, even as well for using a different law-Exit node from the law-zone (do not mix up with the web-exit node) in the chain.
So this means: Middelnodes in the law aerea are only useful with ONE hop and ONLY connections to law-outside-nodes. But who will determine that all in a p2p way if a node is outside, then the analyzers just need to set up a dedicated server in the USA or India and the middle-node is as well analyzed.
Third, to prevent this, you then need as well several middle nodes in the law zone, which is not really a prevention, as both or all three need to log, So if the middle-node is contacting a malicious law-outside node, your are done.
Here as well only F2F helps to connect to stable trusted prooved firiends in the outside-law aerea.
If there is a random peer is choosen, then the middlenode as well is analyzed in the case of a trap.
2007/11/25, Smuggler <smuggler@xxxxxxxxxxxxxxxx>:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I wonder if it would be a good thing to define "Middleman-Only" nodes.
Those nodes would ONLY talk to other Tor-Nodes. They will not accept
connections from non-Tor-nodes and not relay to non-Tor-nodes.
While the latter is currently configurable via the exit-policy the
former is not directly supported and thus quick hacks (like firewalling)
reduce the speed and reliability of the network.
The reason why to do this is that those nodes would not provide relaying
to the "public" and thus imho not fall under the various EU Data
retention rules.
Comments welcome.
Regards,
smuggler
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHSa56OMmnRrmEoQkRAkMAAJ9iwIMcKY5unSpRXaRqasFzL5nByACfVeh/
21anvrJOq/M/ODR6zQGEeGg=
=Rqur
-----END PGP SIGNATURE-----