[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #26646 [Core Tor/Tor]: add support for multiple OutboundBindAddressExit IP(ranges)
#26646: add support for multiple OutboundBindAddressExit IP(ranges)
-------------------------------------------------+-------------------------
Reporter: nusenu | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: needs-proposal, tor-exit, ipv6, | Actual Points:
censorship |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Yes, a short proposal would be helpful.
I'd like to see a sketch of the design:
* how are the ranges specified in the torrc
* how does the exit decide when to use a new IP
* how are the new IPs chosen from the range
And also a discussion of the risks:
* clients use the same circuit and exit for the same website, because some
broken websites expect the same user to have the same IP for different
connections
* do clients deliberately use the same exit through different circuits?
I don't think so, but I'm not sure
* some circuits can be distinguished, because they come from different IP
addresses
* does the new syntax also apply to outbound OR connections?
* if relays use a different address to their published address for
directory requests, authorities may refuse those requests
* relays try to keep canonical connections open with other relays, and
different addresses make them rotate connections faster
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26646#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs