[or-cvs] r12599: more progress on the geoip proposal (tor/trunk/doc/spec/proposals)
Robert Hogan
robert at roberthogan.net
Mon Dec 3 21:16:32 UTC 2007
On Monday 03 December 2007 11:24:27 you wrote:
> On Thu, Nov 29, 2007 at 08:58:16PM +0000, Robert Hogan wrote:
> > >Is it sufficient just to add a new GETINFO command?
> > > GETINFO ip-to-country/128.31.0.34
> > > 250+ip-to-country/128.31.0.34="US","USA","UNITED STATES"
> >
> > Other commands that would be useful:
>
> Speaking of which, I hear that Tork lets users specify entry / exit by
> country.
Only exit by country.
> Can you describe how this works? (What the interface for the
> user is,
http://roberthogan.net/images/preferredexits.jpg
http://roberthogan.net/images/selectingservers.jpg
http://roberthogan.net/images/excludeexits.jpg
The user can prefer/exclude servers from the network server list (the list
can be filtered in multiple ways to allow easy selection of multiple servers
at a time).
There's also a pseudonymous browsing button ('Citizen of') which allows you to
select the country you would like to 'browse from'. TorK then tells tor to
only use exits from that country.
> how Tork obtains the geoip data and how much it can be trusted
The geoip data is bundled with tork. There's no mechanism for updating it
currently, but i do refresh it between releases. Tork uses the geoip country
db only. It seems to be fairly reliable - I've never noticed a whois on a
server entry contradict the server's flag, for what that's worth. The older
the database the more 'unknown' servers you get - TorK indicates these with a
question mark icon.
> and what attacks exist,
I wonder .. ;-)
> what part of the the controller interface it uses with tor,
exitnodes, strictexitnodes, exludenodes, strictexcludenodes
> any issues you ran into it adding it,
the most annoying thing is having to manage references to the fp's everywhere.
I haven't done this elegantly but it appears to be reliable. overall it was
quite a straightforward feature to add.
> whether the geoip proposal
> I've been working on would complement it or force a redesign, etc?)
complement, I would say!
>
> Thanks!
> --Roger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20071203/77d95a5b/attachment.pgp>
More information about the tor-dev
mailing list