[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-dev] Much-revised draft, RFC: removing current obsolete clients from the network
Hi,
Nick Mathewson:
I should try to clarify!
Awesome!
questions don't seem to apply to proposal 266
They are about the central control of a [somewhat] distributed network,
specifically, the execution of clients on behalf of the operator.
So, #264 & #266.
I've tried to split the first version of the
proposal into 2.
I understand the proposals as:
prop#264 is for how things _should_ work ;
prop#266 is what we do in the absence of
client-side support in existing Tor versions.
anybody who doesn't know how to die via prop264
will be killable in whatever way we choose for prop266.
And would recommend the titles [though obviously not as relevant as the
contents]:
'How to ensure client death'
'How to kill clients that wont die'
I'm not aware of anything published.
Bummer ):
reasons:
1) A non-updated Tor is insecure.
2) the bulk of [some older] deployed versions appear
to be defunct botnets
3) [Depreciated] features
Word.
impact is so large it requires this level of action
Where can this impact be studied?
Given there is no research, there must be a way to visualize the impact.
Windows XP clients still running today, making the
internet less secure.
Business clients pay money to keep MS supporting XP systems, though that
doesn't weaken the internet as a whole.
every current Tor MAY eventually prove so broken it
needs to go away
Word.
It feels like a decision that the operator should make but I kind of see
the issue with abandoned clients.
The poison consensus seems fun.
Thanks for taking the time to write, it means a lot (:
Wordlife,
Spencer
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev