On Sun, 27 Oct 2013 20:17:30 -0400
Bill Cox <waywardgeek@xxxxxxxxx> wrote:
Thanks for the links, Roger. On the first thread, I agree with you
that exit nodes should not be expected to analyze the unencrypted
traffic to determine if behavior is acceptable. That's what NSA exit
nodes are for :-p However, OpenDNS style filtering should be
acceptable, IMO. It'd be a simple set of flags that each exit node
says it supports or blocks, so it could be fairly simple for Tor
users to route to an acceptable exit node. I would want the same
flags for relay nodes as well. That would block some sites people
don't want to redirect, such as porn sites
- not that I have issues with porn. I just don't want to waste my
bandwidth routing it.
I'm really confused how you expect "middle relays" to implement this
sort of filtering, given that *by design*, the middle relays are
ignorant of the destination of the traffic.
Oh I know, we could add a bit in the cell header that signifies if the
cell is carrying "objectionable or evil" payload a la (RFC 3514), and
it will be up for compliant implementations to tag their packets when
they're watching pron, so that relays can filter/censor traffic as
appropriate. There's probably fairly "interesting" anonymity
implications when certain relays won't ever be eligible to be part of
your path as well.
(As a side note how do you know that they were watching pron through
your exit? It's usually considered a bad idea for various reasons to
look at user traffic.)
Regards,