[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #23637 [Core Tor/Tor]: Make exit flag depend on ports 80 and 443, not 6667
#23637: Make exit flag depend on ports 80 and 443, not 6667
--------------------------+------------------------------
Reporter: arma | Owner: (none)
Type: enhancement | Status: needs_review
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------
Comment (by cypherpunks):
Replying to [comment:4 arma]:
> Replying to [comment:3 cypherpunks]:
> > if there are exits that don't want to pass insecure connections (using
443 and 6667 as a workaround)
>
> The trouble is that using 443 and 6667 *isn't* a workaround.
It is. For exits, of course. While "443 and 6697" is not available.
> For clients who browse the web using both 80 and 443, if they get an
exit that only does 443, they need to get a second exit that does 80, for
that same interaction. Suddenly they have way more exposure for that
interaction than they needed to have.
This is a mixed content case. That's why MCB was activated in TBB. Users
are explicitly warned about passive/active insecure content on secure
webpages. More exposure of the client is far less dangerous than more
exposure of the exit to ISP and others.
> Pointing back to #22820: the main effect of the Exit flag is to help
with load balancing. It makes clients choose that relay less (currently
never) for non-exit positions in their circuits. Whereas the presence or
absence of the Exit flag *doesn't* prevent clients from building circuits
that exit from that relay -- that choice depends on the streams that the
client is trying to handle, and the exit policy of each relay they're
considering.
And you want more exits to be used for non-exit positions, don't you?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23637#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs