[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?

On Sat, 12 Feb 2011, Gregory Maxwell wrote:

So back to the case in question: We must look at the cost of excluding
an infinitesimal piece of flexibility (the conceivable uses of four
non-exit flagged exit nodes, is I believe what this policy would
impact today), vs a tiny piece of social policy (if you want to run an
exit node to :80, you're going to allow it to exit to :443 as well or
no one will use it, thus subsidizing port 443 capacity on the back of
port 80 capacity) and decreased incentive for tor users to run
personal exit filters (which would result in network partitioning and
reduced anonymity for everyone if widespread).

I was not aware that "the plan" had evolved into a 1:1 mapping between ports you usually use in cleartext and ports you usually use enciphered.

So, if my exit has TCP 19 open ... what will you accept as a suitably secure chargen ? What about 37 ? I don't know of a standalone time protocol that is encrypted ...

Since there is not a clear 1:1 mapping of cleartext and not ports (we _can_ agree on that, right ?) then I suppose some system of "weights" will have to be applied. How would this weigh out:

21, 23, 25, 53, 1337, 2105, 5555, 32245

There are four TCP ports that you usually use cleartext, and four that you usually use encrypted ... is that exit policy acceptable ? Or do you assign different weights based on how well you know the protocols ? I've sure never heard of "MMTSG-mutualed over MMT (encrypted transmission)" so ... I'd assue a low weight.

But then what about the malicious operator that takes a few seconds to post to or-talk and "explains" their exit policy that didn't weight out properly ... then what ? Is it a panel of three ? A panel of five ? Are there appeals ?

I'm going to abandon what I thought were slam dunk philosophical arguments against this notion and just sit back and wait for the implementation proposals. For the lulz.
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/