[tor-dev] design for a Tor router without anonymity compromises
teor
teor2345 at gmail.com
Mon May 4 00:48:43 UTC 2015
> Date: Sun, 3 May 2015 16:23:08 -0700
> From: coderman <coderman at gmail.com>
>
>> I suggest also adding mandatory audit logging to the scope of the
>> router software. In my opinion any and all state changes, whether
>> automatic (Tor circuit change) or manual (administrator changing
>> configuration) must be logged.
>
> this is an important detail; thank you for bringing it up. i will add
> the expected run logging and troubleshooting logging output collected
> on device and available to the owner via privacy director
> administrative access.
Some users will want as little logging as possible, as it can lead to privacy leaks if the device is compromised - may I suggest you turn it off by default?
teor
teor2345 at gmail dot com
pgp 0xABFED1AC
https://gist.github.com/teor2345/d033b8ce0a99adbc89c5
teor at blah dot im
OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150504/17465442/attachment.sig>
More information about the tor-dev
mailing list