[tor-dev] Proposal: Stop giving Exit flags when only unencrypted traffic can exit

Tim Wilson-Brown - teor teor2345 at gmail.com
Tue Jan 5 01:15:09 UTC 2016


> On 5 Jan 2016, at 11:29, Tom van der Woerdt <info at tvdw.eu> wrote:
> ...
> 2.1. Exit flagging
> 
>  By replacing the port 6667 (IRC) entry with a port 5222 (XMPP) entry, Exit
>  flags can no longer be assigned to relays that exit only to unencrypted
>  ports.

One consequence of this proposal is that relays that only exit to 443 and 6667 will lose the Exit flag.
But these relays do exit to an encrypted port, so this somewhat contradicts the goal of the proposal:
"Exit flags can no longer be assigned to relays that exit only to unencrypted ports."

Why not make the rule: "at least one of 80/6667, and at least one of 443/5222"?

I am also concerned about the choice of XMPP "because the XMPP protocol is slowly gaining popularity within the communities on the internet".
Shouldn't we focus on secure protocols that are widely used right now?

Alternately, we could add other widely used SSL ports in addition to XMPP, and perhaps increase the rule to "at least two SSL ports".

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
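
The three port rules discussed in this message, compared on constructed exit policies (an added example, not part of the original message or of Tor's code). It assumes the rule in force at the time was "at least two of ports 80, 443 and 6667" as given in dir-spec, reduces each policy to its set of allowed ports, and ignores the address-space condition.

```python
# Added illustration: Exit-flag port rules evaluated over constructed policies.
# Assumption: a relay's exit policy is reduced to the set of ports it allows;
# the dir-spec's separate address-space (/8) condition is not modelled.

def current_rule(ports):
    """Rule assumed in force at the time: at least two of 80, 443, 6667."""
    return len(ports & {80, 443, 6667}) >= 2

def proposed_rule(ports):
    """Proposal section 2.1: the 6667 entry is replaced by 5222."""
    return len(ports & {80, 443, 5222}) >= 2

def alternative_rule(ports):
    """Reply's suggestion: one of 80/6667 and one of 443/5222."""
    return bool(ports & {80, 6667}) and bool(ports & {443, 5222})

RULES = {
    "current": current_rule,
    "proposed": proposed_rule,
    "alternative": alternative_rule,
}

# Constructed sample policies (port sets only), chosen to hit the edge cases.
SAMPLE_POLICIES = {
    "80+6667": {80, 6667},      # unencrypted ports only
    "443+6667": {443, 6667},    # the case raised in the reply
    "80+443": {80, 443},
    "443+5222": {443, 5222},    # encrypted ports only
    "80+5222": {80, 5222},
}

def compare(policies=SAMPLE_POLICIES):
    """Return {policy name: {rule name: would the relay get the Exit flag}}."""
    return {
        name: {rule: check(set(ports)) for rule, check in RULES.items()}
        for name, ports in policies.items()
    }

if __name__ == "__main__":
    table = compare()
    print(f"{'policy':<10}" + "".join(f"{r:>13}" for r in RULES))
    for name, row in table.items():
        print(f"{name:<10}" + "".join(f"{str(row[r]):>13}" for r in RULES))
```

The table shows the 443+6667 relay losing the flag under the proposal and keeping it under the alternative, while a relay allowing only 443 and 5222 qualifies under the proposal but not under the alternative.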
