On 08/28/2013 12:08 AM, Jon Gardner wrote:I do not wish to comment on the morality or desirability of traffic filters, but on the implementation:Then why have exit policies? Exit nodes regularly block "unwelcome" traffic like bittorrent, and there's only a slight functional difference between that and using a filter in front of the node to block things like porn (which, come to think of it, also tends to be a bandwidth hog like bittorrent--so it doesn't have to be just a moral question). It is much easier to block the majority of BitTorrent traffic than it is to block specific content served through HTTP. Torrent traffic can be blocked by the reduced exit policy, which is a static whitelist of ports to allow. To do the same thing for content over HTTP, one would have to maintain a dynamic blacklist of IPs (or IP/port combinations) to block, which is much more challenging. An even more challenging alternative would be to implement deep packet inspection at the exit nodes—I think this is completely unpalatable to most Tor developers and exit node operators (and maybe illegal under US wiretapping laws). Vincent |
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays