[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Protecting exit-nodes by GeoIP based policy

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Protecting exit-nodes by GeoIP based policy
From: numE <numE@xxxxxxxxxxxx>
Date: Mon, 11 Sep 2006 00:04:07 +0200
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Sun, 10 Sep 2006 18:04:26 -0400
In-reply-to: <87sliz2xl8.fsf@kosh.bigo.ensc.de>
References: <87sliz2xl8.fsf@kosh.bigo.ensc.de>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.5 (Macintosh/20060719)

This is a good idea.
I had nearly the same.

Maybe it could be solved even easier.
The server-config just needs an option to set "mycountry".

when establishing an onion-route the client should
simply choose an exitnode where mycountry is not equal
to the country of the server he wants to connect.

so.. exitnodes of country a will connect to targets in country b and c
and vice versa.

basically what you suggested, but forced.

Enrico Scholz schrieb:
> Hello,
> 
> I just had the idea which can help to protect exit-nodes against some
> kinds of legal prosecution. Basically, it would be policy to Tor servers
> which says "do not connect into country XY". Such a rule does not increase
> anonymity but would require that legal actions (e.g. confiscations) must
> be performed in another country than this where the crime happened. This
> is a much higher hurdle, especially for lower delinquencies.
> 
> I see two steps how this policy can be implemented:
> 
> A. On client side
> 
>  1. add a new option, e.g. 'Jurisdiction' with possible values of
>     * 'other'  ... when set, do not use an exit-node when it is the same
>                    jurisdiction as the target-ip; this should be the
>                    default on new installations
>     * 'same'   ... use an exit-node only, when it is in the same
>                    jurisdiction (just for completeness...)
>     * 'ignore' ... ignore jurisdiction (same behavior as now)
>     * a country code  ...  use only exit-nodes within this country; a
>                    negated format should exist too
> 
>  2. when choosing path, use only exit-nodes which are following the
>     constraint above
> 
> 
> B. On (exit-)node side
> 
>  1. add a new option, e.g. 'JurisdictionPolicy' which accepts country
>     codes and perhaps special values like '%same'. Behavior is similar
>     to the client side option mentioned above
> 
>  2. Tor protocol/meta data must be changed to transmit this option
> 
>  3. node forbids connections which are violating the policy
> 
> 
> The decision whether a node and a target are in the same jurisdiction can
> be done e.g. by a GeoIP like service. A problem might be the license:
> GeoIP is GPL, Tor is BSD. Dunno, whether the database can be used freely
> and Tor has to implement own parsing routines. Perhaps, similar projects
> exist.
> 
> 
> 
> Enrico

Follow-Ups:
- Re[2]: Protecting exit-nodes by GeoIP based policy
  - From: Arrakistor

References:
- Protecting exit-nodes by GeoIP based policy
  - From: Enrico Scholz

Prev by Author: Re: torstat - another suggestion
Next by Author: Re: Protecting exit-nodes by GeoIP based policy
Previous by thread: Protecting exit-nodes by GeoIP based policy
Next by thread: Re[2]: Protecting exit-nodes by GeoIP based policy
Index(es):
- Author
- Thread