[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Control Spec Addition First Draft
my comments inline below.
On Jan 24, 2010, at 1:58 AM, Damian Johnson wrote:
Hi all. This proposal doesn't seem to be going anywhere so thought I
should give it one last nudge before moving on to more worthwhile
work. The issue's sticking point seems to be a difference of opinion
about what constitutes relay evilness. Nick, Jake, and Sebastian all
believe in a hard line stance against any retrieval of connection
information (netstat, lsof, etc). I disagree, and think this is
harmless unless stored or communicated. Unless this can be resolved
I think it's obvious the proposal isn't going anywhere.
Please note that I'm discussing relay to relay connections at the
moment. If we can't even agree on that then client and exit
connections are a moot point (and besides, I agree they should
definitely be hidden from relay operators - personally I think it's
the responsibility of client applications like vidalia and arm to
scrub this data, but that's a different discussion...).
This seems to change the original intent of the proposal, which was
(afaiui) to get a listing of all connections from Tor. I wouldn't mind
doing that at all. It does, however, depend on the implementation of
proposal 163 (detecting clients), because otherwise Tor itself cannot
reliably differentiate in all cases.
Just to be clear I agree this proposal should be killed if it poses
a threat to Tor users. However, I don't believe it does and still
have yet to hear an example of any sort of threat it aggravates.
Without that I'm a bit puzzled at the source of objections. If the
chief issue is legal or not wanting to risk the appearance of
supporting snooping that's fine (strikes me as political posing if
there's no actual benefits to users, but cest la vi).
If you change it to be explicit about the fact that you do not want to
show exit/guard connections, I think this would be ok. It needs to be
actually spelt out, though.
My bias is toward safety for relay operators and I'm glad to see
others biased toward user privacy pushing back. Hopefully we'll be
able to find something acceptable to all parties concerned but if
not it won't be the end of the world. Cheers! -Damian
Just to see if others are interested in moving this along, or if
everyone wants to kill it.