On Sat, Aug 31, 2013 at 12:27:22AM -0400, grarpamp wrote: > On 8/30/13, Andrea Shepard <andrea@xxxxxxxxxxxxxx> wrote: > > On Tue, Aug 27, 2013 at 11:08:34AM -0500, Jon Gardner wrote: > >> Then why have exit policies? Exit nodes regularly block "unwelcome" > >> traffic > >> like bittorrent, and there's only a slight functional difference between > >> that > >> and using a filter in front of the node to block things like porn > > > > There's a considerable functional difference: an exit policy is a defined > > list of specific hosts and ports to accept/reject, and it's advertised in > > the exit's descriptor. Your client can just pick a different exit node > > if the connection it wants to make is not permitted by a given exit's > > policy. > > A "porn filter" is inherently fuzzy and unpredictable, so couldn't be > > implemented without breaking clients trying to use that node. Filtering > > traffic other than as declared by your exit policy should and will get your > > exit the BadExit flag. > > > This is why we need to implement extended exit flags for exits that want > to run post-exit filtering/enhancement policies, say for example > "noporn" > that way we can get all the religious groups dumping their tithes into > not just beaming reruns of the 700 club around the world, but a pile of > uber fast exits too. What a disastrous notion; the exit policy system works because clients can predict in advance whether an exit will pass a given connection; it depends only on the destination host/port. That could never be the case for any of these. > And how about > "novirus" delivered by microsoft > "doublesyourcoins" propped up by the donations of fools > "trusted" run by legit governments Oh, please, do tell where you expect to find a 'legit' government and why one should 'trust' it? -- Andrea Shepard <andrea@xxxxxxxxxxxxxx> PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF DE79 A4FF BC34 F01D D536 PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5
Attachment:
pgpKL44fAtmog.pgp
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays