[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Question about exit policy.



On Mon, May 23, 2005 at 02:51:47PM -0400, Humberto Ortiz Zuazaga wrote:
> For better or worse, many servers place more trust in clients on local 
> networks than external clients. The default exit rules allow exits to local 
> networks except when the local network is private. Shouldn't public local 
> networks get the same treatment?

On the other side of the coin, many Tor servers *want* people to exit
from them for nearby services, so users can have end-to-end encryption
and end-to-end authentication even for applications that don't have
these security features built-in. Consider blogging sites, Indymedia, etc.

We haven't implemented this part fully yet -- to have Alice automatically
detect whether there's a Tor node nearby her intended destination --
because there are still some design questions we're wrestling with,
but I plan for the 0.1.1.x release to have a partial solution for this.

So given that we can't predict what the Tor server operator has in mind,
we figured the best way to do it is to let him choose his exit policy.

--Roger