Re: Safe destinations
On Sat, Jul 4, 2009 at 3:03 PM, Peter Hultqvist<phq@xxxxxxxxxx> wrote:
> The forward DNS is problematic since they can be spoofed by pointing any
> domain to a server that does not belong to one. Second, I believe that
> ptr lookup is very limited but I'm not that knowledgeable in that area.
> One way could be, given an IP, to do a reverse lookup, take that domain,
> add _toraccept and do a forward DNS lookup as suggested above.

So, I don't know that opt-in will either map well enough to the set of
sites that won't be problematic for tor exit operators nor do I think
such adoption would be widespread enough to provide a real increase in
effective exit bandwidth. If the safe list doesn't include some of
the highest bandwidth sites then its introduction (in whatever form)
would probably decrease the available "can reach anything" exit

I think some of the most many safe destinations are sites which are
old, inactive, and generally not likely to add some tor permission,
though having a way for sites to opt-in would also be useful.

Though if a site operator wants to facilitate tor they can run an exit
enclave, i.e. run a node which only exits to themselves, and tor will
use it preferentially. I don't think the importance of this technique
for increasing TOR's performance for your users can be overstated:
It's the only technique which prevents exit shenanigans for unsecured
protocols. (And separately, this is a functionality which should be
improved so that people do not feel forced to use hidden services to
get this functionality.)

An interesting thing I've seen mentioned a few times in the thread is
webmail services. Are these really safe exit locations, or is law
enforcement going to come seize your node after the first dimwit sends
a bomb threat via your node and Yahoo Mail? My thinking was primarily
around services which were read-only or nearly so, or at least where any
writing is among friends.