Roger Dingledine wrote:
I believe this to be the most interesting question... since the user does not know his connection will be relayed via a client-exit, there will only be encryption up until the last relay (the one advertising itself as an exit). Therefore, even if you re-encrypt the data for transfer to the client-exit, it will now be *two* hops being able to read the user's traffic in cleartext. I don't think that's an improvement... I'd even go as far as saying it's the exact opposite of what we want.
- Related to load balancing: how much additional latency are we talking about, from adding a fourth hop to the circuit? Because it would seem that you need four hops, since the "relay to client-exit" hop isn't adding much additional anonymity. (Or is it?)
Plus, having the last relay re-encrypt the connection will add additional CPU and RAM load, which IMHO is not a good idea.
Regards,
Andrew