[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: German data rentention law

To: or-talk@xxxxxxxxxxxxx
Subject: Re: German data rentention law
From: 7v5w7go9ub0o <7v5w7go9ub0o@xxxxxxxxx>
Date: Sat, 18 Oct 2008 19:30:53 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 18 Oct 2008 19:31:11 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=K+1LGmhnahlq8+Rmhl1XgojHiHdzbdxooTO9UHeYjA8=; b=O5bHL67ty1BQmENvgP21x27WpUv/LGR14FHdMxAvTZedwrf28w4pIS/5KO7PpWOutR lXcb5BAOyvdLYXklaYj5r+2pJevpZ1bJVBcnjeiYxTJWIBA1rKQenwOlQNNDcIPkN0Tf orsqmYZQkKTYRgcGRBj7dGN55bBiHut2/asvg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=JymEaTo3uvvyS3oy2S+6N1MR6qQJWyWa9dC36dL7UMRR7olrdcIg6c0aKAseoUvMzT eErImBRQhCPmTqUpxkhsq2tigpPhetFvKCaazqktTjy9gpJ6DnavM9kqYNgXXi8WKpRS cgtT32FSkl8LtQnAYqLAotylxLPzApgeDmhek=
In-reply-to: <20081018230334.GF6497@xxxxxxxxxxxxxx>
References: <48F9A304.5020104@xxxxxxxxxxxxxxxxxxxx> <20081018201353.GE6497@xxxxxxxxxxxxxx> <48FA6696.1050702@xxxxxxxxx> <20081018230334.GF6497@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.17 (X11/20080914)

Roger Dingledine wrote:

On Sat, Oct 18, 2008 at 06:43:34PM -0400, 7v5w7go9ub0o wrote:

Roger Dingledine wrote:


<snip>

Otherwise, all german nodes have to switch to middle man.

<snip>


To be clear, I didn't write the above line.

1. Given that the ISP will have logs anyway, why disallow German exitnodes?


A fine question. Hopefully as we learn more about what ISPs will log,
we will come to decide that having Tor exit relays in Germany doesn't
pose much risk -- as long as we take appropriate other steps to make
sure the other end of the circuit isn't logged by German ISPs too.

2. How about changing all TOR port useage - including relays and entry
ports - to 443?
'Twould be hard to know which are entry nodes, which are relays, andwhich is browser traffic. That ought to make "mapping" the onion, andISP log analysis a little more challenging :-) .


It isn't just a matter of what port they listen on. So long as there's
a public list of Tor relays, then people can just compare IP addresses
they see to the public relay list. And that public relay list isn't
going away anytime soon, since Tor clients need it when picking a path.


Am presuming that some on that list are "multi-function" servers!?

Guess I'm thinking along the line of a PC that has a TOR relay andbridge (both) that's being logged by its ISP.

If all inbound and outbound TOR circuits were port 443, all the ISPwould log is a bewildering collection of inbound, SSL-encryptedconnections to 443, and outbound, SSL-encrypted connections to 443 -hard to know if any given inbound is an entry-connection, orrelay-connection.

Likewise, outbound connections to 443 somewhere else might be TOR, or itmight be the operator browsing his bank account.

If nothing else, defaulting to 443 would allow a greater number of"hotspot" laptops access to TOR from HTTP/S-only networks.

References:
- German data rentention law
  - From: Karsten N.
- Re: German data rentention law
  - From: Roger Dingledine
- Re: German data rentention law
  - From: 7v5w7go9ub0o
- Re: German data rentention law
  - From: Roger Dingledine

Prev by Author: Re: German data rentention law
Next by Author: Re: Default ORPort 443 [was: Re: German data rentention law]
Previous by thread: Re: German data rentention law
Next by thread: Re: German data rentention law
Index(es):
- Author
- Thread