[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Hidden service policies



This isn't about 'acceptable usage of Tor', this is necessary compromise
to limit exit operators' exposure to ISP harrassment.

Even if we accept your premise that no exit operator cares about internet abuse, it's still the same thing. ISP's define what is acceptable usage of their internet connections and by implication, what is acceptable usage of the Tor exit. Tor could ignore what ISPs want (which is usually quite reasonable), but then "no Tor" clauses in ISP acceptable usage policies would just become even more prevalent.
Â
The ability to do this implies the ability for intro points to learn the
identity public keys of hidden services they are introducing. ÂUnfortunately,
I believe this sort of enumeration attack is possible with the current HS
protocol, but I think proposal 224 will fix it.

It is currently possible and I am aware of proposal 224, which is why I'm bringing this up now. I don't think this is something that should be fixed without a lotÂof thought given to the consequences. I am by the way quite aware of all the counter arguments already, but someone has to play the devil's advocate here.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev