Re: ExitNodes for encrypted connects only are not possible. Why?

On 05/09/2009 11:19 AM, Gitano wrote:
> In 'git.torproject.org/checkout/tor/master/doc/spec/dir-spec.txt'
> ExitNodes are defined as:
>    "Exit" -- A router is called an 'Exit' iff it allows exits to at
>     least two of the ports 80, 443, and 6667 and allows exits to at
>     least one /8 address space.
> I would like to set up my ExitNode for ports 443, 465, 563, 993, 995
> (https, ssmtp, nntps, imaps, pop3s) only, but this is not possible.
> What's the reason behind this? Is there any chance to loosen this
> restriction in one of the next releases?

Feel free to configure your node to exit to those 5 ports only. That
makes your node an exit node for connections to those ports.

Your node won't get the Exit flag, though, but that's not required for
being an exit node. The Exit flag is used by clients for path selection.
Relays with the Exit flag are selected less often for non-exit
positions, so that their bandwidth is saved for exiting connections.
That means that your node will be selected more often as middle node and
less often as exit node compared to relays that have the Exit flag.

It's unlikely that the criteria you pasted above will be changed. There
need to be some criteria, and if almost every node matches them, the
flag would be useless.

Hope that helps!
--Karsten

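
The Exit-flag rule quoted in this thread, worked through as an added example (not code from the Tor project or from either poster): a simplified Python model that evaluates IPv4 accept/reject lines first-match and reports which of ports 80, 443 and 6667 are open to at least one whole /8. It assumes an address that no rule matches is rejected; the function names and sample policy are constructed for illustration, and Tor's own implementation may differ in detail.

```python
import ipaddress

FLAG_PORTS = (80, 443, 6667)  # the three ports named in the quoted dir-spec text

def parse_rule(line):
    """Parse 'accept|reject ADDR[/MASK]:PORT[-PORT]' (IPv4 only, '*' means any)."""
    action, target = line.split()
    addr, _, ports = target.rpartition(":")
    net = ipaddress.ip_network("0.0.0.0/0" if addr == "*" else addr, strict=False)
    if ports == "*":
        lo, hi = 1, 65535
    else:
        lo, _, hi = ports.partition("-")
        lo, hi = int(lo), int(hi or lo)
    return action == "accept", net, lo, hi

def port_open_to_some_slash8(rules, port):
    """True if first-match evaluation accepts `port` for all of at least one /8."""
    for first_octet in range(256):
        block = ipaddress.ip_network(f"{first_octet}.0.0.0/8")
        for accept, net, lo, hi in rules:
            if not (lo <= port <= hi) or not net.overlaps(block):
                continue
            if block.subnet_of(net):   # this rule decides the whole /8
                if accept:
                    return True
                break
            if not accept:             # part of the /8 is rejected: do not count it
                break
            # partial accept: the rest of the /8 is decided by later rules
    return False                       # assumption: unmatched traffic is rejected

def gets_exit_flag(policy_lines):
    """Return (qualifies, flag ports that count) under the quoted rule."""
    rules = [parse_rule(line) for line in policy_lines]
    open_ports = [p for p in FLAG_PORTS if port_open_to_some_slash8(rules, p)]
    return len(open_ports) >= 2, open_ports

# Constructed sample: the five-port policy described in the question.
GITANO_POLICY = ["accept *:443", "accept *:465", "accept *:563",
                 "accept *:993", "accept *:995", "reject *:*"]

if __name__ == "__main__":
    print(gets_exit_flag(GITANO_POLICY))
```

Only one of the three flag ports (443) is open in that policy, so the relay still exits to those five ports but does not meet the quoted criteria for the Exit flag.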