[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: invitation to directory server operators
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: invitation to directory server operators
- From: "John Brooks" <aspecialj@xxxxxxxxx>
- Date: Fri, 12 Sep 2008 09:50:59 -0600
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Fri, 12 Sep 2008 11:51:09 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=kWSl46zvKbaefN8/iRxN/lFFMpz64lhlZgezHnZ9HOY=; b=rIuIqAdROeUxwLh9P6N4ZWl+huBz7cYOsRxF41KNiDfYOBTdurhMjwSI3/c02sxFP7 LhNX7kXO7FrQ6Ubt4eAhVnNLi7K5A4QLS6Jf6y5Xllpysl3xU8V7+6G0uKDxWhb/NL+j 5NYH/By0OXMq5UlCWl8bzJYxd76seTglddiMk=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=Iz/lhvZjUuQdWK7gU6WHmo/DOML22H4R7HW5a/Q7vQ6iKcQEQcJUEtPaoW1V54tUnP kX2wRky1Zns6V9eypdx42ECzbaNga25KR7aKyldDMz6b6+Ulfj92Z5yRBnso+E8jFfmZ zn9WpxTZd/A9cxm84dYJlLHI/CAQmfFL5JOrQ=
- In-reply-to: <200809121002.m8CA2cHE001787@xxxxxxxxxxxxx>
- References: <200809121002.m8CA2cHE001787@xxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Fri, Sep 12, 2008 at 4:02 AM, Scott Bennett <bennett@xxxxxxxxxx> wrote:
> Oh. Part of my reason for the call to service for people already
> running directory servers was to *avoid* the need for such a change. Not
> all countries' laws and jurisprudences adhere to the "common carrier" concept,
> as you know. I'd much rather take care of the fragility problem through
> voluntary contributions than to slide it with little fanfare into the defaults
> for DirPort operations.
> You might better invest time in making the information about hidden
> service directory service and how to enable it more prominent in the tor
> documentation.
I don't believe the common carrier concept applies to hidden services
at all, or at least less than traditional tor does. Consider - all
hidden service traffic is encrypted for its entire path through the
network. The *only* people capable of decrypting this traffic are the
client and the service, which means anyone in between (such as your
server) is entirely in the dark. Serving the directory is similar -
you are mirroring the published services, not endorsing them, hosting
them, or looking into their content in any way. There is nothing in
place that would allow you to moderate the content of hidden services
via the directory, so it would be unreasonable for that to be
expected. Given that it is an entirely automated process mirroring
descriptors published by other parts of the network (which you have no
direct relationship with), and that you have no feasible way of
moderating the content, I think even a country without common carrier
laws would find this to be not problematic.
Also, if this is enabled by default, it will still only be respected
if you are already serving the normal tor directory - in countries
with laws restrictive enough to prevent mirroring the hidden service
directory, it seems that you'd have issues with the standard directory
as well, not to mention actual tor traffic. I think the legal risks of
the hidden service directory are minimal beside the risks of normal
tor traffic, so I doubt it'd be a problem for many node operators (and
if it were, they could disable this option again).
But, i'm not a lawyer, and certainly not a lawyer in any foreign
countries, so this is all just my assumptions.
- John Brooks