Am 12.09.2008 um 17:50 schrieb John Brooks:
Also, if this is enabled by default, it will still only be respected if you are already serving the normal tor directory - in countries with laws restrictive enough to prevent mirroring the hidden service directory, it seems that you'd have issues with the standard directory as well, not to mention actual tor traffic. I think the legal risks of the hidden service directory are minimal beside the risks of normal tor traffic, so I doubt it'd be a problem for many node operators (and if it were, they could disable this option again).
I don't agree. Normal Tor directories list _routers_, HS directories list _servers_ and therefore _content_ in most cases. And I don't have a good feeling with mixing these two things.
To make a graphic example:I don't have a bad conscience if somebody anonymously accesses child pornography sites over my tor node, which is accessible anyways. The site can still be tracked down and removed by the local authorities. And as a node operator I even have the possibility to block such sites with according exit policies if I like to.
With HS there is a new service space created. And therefore more responsibility. With running a Tor node supporting HS I also make arbitrary services available, which otherwise might not exist. I really like the idea of HS in general, and there are some great applications for it. But on the other hand there are services which I can not accept to support (to create) with my resources.
Accordingly, it would be much more cleaner to separate HS as much as possible from Tor and to see it as an application _on_top_ of Tor. So I don't like the idea to make every Tor node a HS node by default. They are two different things. To promote hidden services by foisting them to all Tor node operators is not fair, I think, and can even become dangerous for the Tor project. They should be promoted separately.
As a Tor node operator in the case of HS I'm much more in the need for fine grained access policies due to the higher responsibility. As I wrote in a mail before, at the moment the opposite is true. I can control access of general exit node traffic in exit policies. But I have no control if and for what HS my node becomes an entry point. Similar is true for the HS directory, which I can only switch on or off in general. If for example the public in Germany will find out, that there are HS for sharing child pornography and nobody can do something about it, the whole Tor project and especially the HS directories and entry points (but the public will not be able to discriminate) will get under heavy fire here (don't know how sensitive this issue is in other countries). If Tor will support the blocking of certain HS for node operators at that moment, the attack might be a bit milder and can be "rerouted" to the HS to some extent.
Regards, Sven -- http://sven.anderson.de "Believe those who are seeking the truth. tel: +49-551-9969285 Doubt those who find it." mobile: +49-179-4939223 (André Gide)