[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Restrict relay to internet2
Ringo Kamens wrote:
> Couldn't you just make your node a middleman and ban tor from
> connecting to your Internet One Connection? Comrade Ringo Kamens
Sorry, I meant to make clear that my node *is* a middleman, or what I've
been calling a relay.
And as I said in my initial email:
> It seems to me that I could do it with a lot of hairy routing rules,
> but this would be bad because I'd be breaking circuits all the time.
It would be really wasteful if nodes that are trying to make circuits
through my relay don't have any way of knowing that 90% of circuits are
going to fail (because they try to connect to an I1 node). But maybe
thats ok, or maybe I don't understand how circuits are constructed?
Nathaniel
>
> On Jan 9, 2008 12:40 PM, Nathaniel Fairfield < than@xxxxxxx
> <mailto:than@xxxxxxx>> wrote:
>
> F. Fox wrote:
>> Another thing: How would the PKI work over Internet2? AFAIK, Tor
>> needs to be able to talk to an authoritative directory server;
>> also, the directory it gets would be full of Internet1 (as I'll
>> refer to the "normal" Internet here) nodes.
>>
>> Clearly, an entirely new PKI would have to be set up, via forcing
>> options in copies of Tor (including, among other things, forcing a
>> few copies into authoritative directory mode). It would be an
>> interesting project, but it would take quite a bit of work.
>
> I wasn't thinking of setting up an entirely separate Tor network on
> Internet2. As I mentioned, I2 is transparent for my machine: when I
> connect to another machine (google, whatever), it will use I2 if
> possible and fall back to standard internet otherwise.
>
> So I was hoping to exploit the fact that several of the main Tor
> nodes (at MIT, Harvard, etc) are on I2, and I could relay a *lot* of
> traffic between such nodes. The problem is that I need to explicitly
> restrict my relay to those nodes because my standard internet access
> is bandwidth limited.
>
> Nathaniel
>
>