[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Default ORPort 443 [was: Re: German data rentention law]

On Sun, Oct 19, 2008 at 01:44:15AM -0500, Scott Bennett wrote:
> >If nothing else, defaulting to 443 would allow a greater number of 
> >"hotspot" laptops access to TOR from HTTP/S-only networks.
> >
>      Doing that, however, *would* make it rather difficult for the same
> machine--or another machine sharing the same IP address for a NAT'ed LAN
> gateway--to run a web server supporting HTTPS connections.  That alone
> should be sufficient reason not to change the default ORPort to 443.

Besides, opening ports < 1024 usually requires root-privileges,
which could introduce serious security issues if an exploitable
flaw were found in Tor. You can still advertise port 443 as your
ORPort and listen on 9001, but this requires some port-forwarding
magic, which is not entirely feasible for a default
configuration. (But your other reason is sound as well)

just my 2c