[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Exit Enclaves (Roger Dingledine)

On Wed, Apr 27, 2011 at 8:36 AM, Gabriel Weinberg <yegg@xxxxxxxxxxxx> wrote:
Good point. Our root A record has moved around recently for scalability and then the Amazon outage.

The enclave is running at, the same place the hidden service (http://3g2upl4pq6kufc4m.onion/) should be pointing to. tor.duckduckgo.com also points there.

Is there a way to redirect people who enter the root domain to be routed to the enclave IP?

I doubt it, it's outside the Tor network, so it would have to travel through an exit node to reach it.  Configuring your Tor node running on tor.duckduckgo.com may allow people to exit through that node, but I don't know if it would then become the main route through the Tor network.

Perhaps someone here could clarify?


Gabriel, http://ye.gg/

On Tue, Apr 26, 2011 at 11:34 PM, Zac Lym <zaclym@xxxxxxxxxxxxxx> wrote:

On Tue, Apr 26, 2011 at 09:58:51AM -0700, Zach Lym wrote:
> I am doing page load tests on an exit enclave (duckduckgo.com) over a period
> of a few weeks.  I am worried that I will exit at other nodes and reach the
> public duckduckgo site.

% host duckduckgo.com
duckduckgo.com has address

% grep cached-*
Odd, I will CC the CEO.

I think there is no Tor relay running at that IP address currently,
so this exit enclave you're hoping for cannot happen. An exit enclave
is a Tor exit relay that runs on the same IP address as a destination
(e.g. a website).

> The documentation is somewhat ambiguous on this point: If a service provides
> an enclave node, the standard Tor out-proxy's are *not* used, correct?

Perhaps you mean a Tor hidden service, not an exit enclave?

No, I mean a properly configured exit enclave which (as I understand it) is reachable when using Tor without using out-proxies. Out-proxies are the real choke-point of the Tor network...

In which case, yes, if you visit a .onion address, that won't involve
Tor exit relays. You instead do a rendezvous inside the Tor network:

> Thank you,
> > P.S. Would using paid proxy's which exit in other continents improve
> external validity?

What does 'external validity' mean?
Similarity to the real world and/or applicability outside of the testing environment.  So, would someone in China or Europe get differen circuits, is using the same IP and Tor node over and over going to create caches, etc.


tor-talk mailing list