[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: more letters from the feds

On 1/27/07, Seth David Schoen <schoen@xxxxxxx> wrote:
Anthony DiPierro writes:

> Or what about a hidden service for reading web pages in general?
> Something which doesn't support POST (or maybe even GET), so is much
> less likely to be used abusively.  Is this feasible?

The current directory scheme does allow (in fact, requires) policies
to be specified in terms of IP addresses and TCP port numbers.  So
a "web browsing only" exit node is possible.

A port 80 only exit node is possible. This isn't the same as an exit node which can only be used for reading web pages).

A "GET-only" exit node can't be specified with the current directory
system, which isn't capable of expressing any information about what
an node will do with connections to a particular TCP port other than
allow or deny them.  You could make an "HTTP GET only" exit node, but
you wouldn't have a way to tell clients that your node enforced that
policy, and users would probably get mad (and stop using your exit
node entirely) when some of their transactions failed mysteriously.

Yes, exactly.  What you could do, though, is run a hidden service
which provides anonymous "HTTP GET-only" web access, and you wouldn't
have to break any protocols or cause anyone to get mad.  *IF* that
hidden service became popular, it could potentially take a lot of load
off the exit servers.

Anyway, just an idea I was throwing out there.  The big questions are
1) is there enough traffic which consists only of browsing websites to
make it worth it, and 2) are there enough people willing to run "HTTP
GET-only" hidden services to make it worth it?  Personally I'd answer
a resounding "yes" to question 1 in that I use Tor primarily for "HTTP
GET", but as I'm currently on a relatively slow EVDO connection I
couldn't answer "yes" to question 2.