# [or-cvs] some minor cleanups before i move a bnuch of sections

Update of /home2/or/cvsroot/tor/doc/design-paper
In directory moria.mit.edu:/home2/arma/work/onion/cvs/tor/doc/design-paper

Modified Files:
challenges.tex
Log Message:
some minor cleanups before i move a bnuch of sections

Index: challenges.tex
===================================================================
RCS file: /home2/or/cvsroot/tor/doc/design-paper/challenges.tex,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -d -r1.51 -r1.52
--- challenges.tex	8 Feb 2005 06:54:47 -0000	1.51
+++ challenges.tex	8 Feb 2005 07:37:30 -0000	1.52
@@ -423,8 +423,7 @@
% this para should probably move to the scalability / directory system. -RD
% Nope. Cut for space, except for small comment added above -PFS

+\section{Policy issues}

Many of the issues the Tor project needs to address extend beyond
system design and technology development. In particular, the
@@ -802,8 +801,7 @@

%[XXX Mention correct DNS-RBL implementation. -NM]

+\section{Design choices}

In addition to social issues, Tor also faces some design challenges that must
be addressed as the network develops.
@@ -969,15 +967,15 @@
\label{subsec:helper-nodes}

It has been thought for some time that the best anonymity protection
-comes from running your own node~\cite{or-pet00,tor-design}.
-(In fact, in Onion Routing's first design, this was the only option
-possible~\cite{or-ih96}.)  While the first implementation
+comes from running your own node~\cite{tor-design,or-pet00}.
+(In fact, this was the only option in the earliest Onion Routing
+design~\cite{or-ih96}.)  While the first implementation
had a fixed path length of five nodes, first generation
to simultaneously maximize efficiency and unpredictability in routes.
If one followed Tor's three node default
path length, an enclave-to-enclave communication (in which the entry and
-exit nodes were run by enclaves themselves)
+exit nodes were run by enclaves themselves)
would be completely compromised by the
middle node. Thus for enclave-to-enclave communication, four is the fewest
number of nodes that preserves the $\frac{c^2}{n^2}$ degree of protection
@@ -1188,8 +1186,7 @@
%RIAA; less so if threat is to application data or individuals or...

\section{Scaling}
-%P2P + anonymity issues:
+\label{sec:scaling}

Tor is running today with hundreds of nodes and tens of thousands of
users, but it will certainly not scale to millions.
@@ -1486,16 +1483,16 @@
an unexpected boon from the fact that we're a general-purpose overlay
network: as Tor grows more popular, other groups who need an overlay
network on the Internet are starting to adapt Tor to their needs.
-
+%
Second, Tor is only one of many components that preserve privacy online.
To keep identifying information out of application traffic, we must build
more and better protocol-aware proxies that are usable by ordinary people.
-
+%
Third, we need to gain a reputation for social good, and learn how to
coexist with the variety of Internet services and their established
authentication mechanisms. We can't just keep escalating the blacklist
standoff forever.
-
+%
Fourth, as described in Section~\ref{sec:scaling}, the current Tor
architecture does not scale even to handle current user demand. We must
find designs and incentives to let clients relay traffic too, without