On Tue, 8 Mar 2011 20:01:52 -0500
grarpamp <grarpamp@xxxxxxxxx> wrote:

> > Please separate the 'kill all streams' command from the NEWNYM command.
>
> Yes, I would make that separate too. I would think a NEWNYM should only
> cause truly TCP new connections to use a new exit.
>
> While this is being examined, please have a look at my
> NEWNYM buckets proposal of 6 jan 2011...
>
> ==========
> I've commonly seen exits (or paths) reused within a certain period
> of time after issuing a NEWNYM.
>
> For the users that have such a need, it would be nice if Tor could
> optionally keep a historical bucket of configurable entry length
> (whether based upon time and/or number of prior nodes/paths used).
> Such that any such nodes or paths would not be reused so long as
> they remained in the bucket according to its expiry rules.

This will harm user anonymity. Circuit path selection must be
independent of the circuits and exit nodes which a client has
previously used.

> And as an aside, to the extent it is not already done, different
> ports on the same host should not necessarily be aggregated over
> the same circuits. I'd wager that they should not, so as to appear
> separate to the observer. Mostly for efficiency. Think of
> checking/writing multiple email accounts on the same provider...
> via IMAP/POP/HTTP/SMTP... without exposing too much relatedness
> due to using the same exit for all at once.

See proposal 171 (and its surrounding discussion). Separating streams
by destination port will not help separate users' web-browsing
activities from their Internet mail connections.

Robert Ransom
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk