[tor-onions] Exit Enclaves 2.0 ?

Philipp Winter phw at nymity.ch
Thu Feb 11 16:13:14 UTC 2016


On Sun, Feb 07, 2016 at 01:39:57PM +0100, Moritz Bartl wrote:
> I was wondering the same when I saw the instructions published by
> mailbox.org last week:
> https://support.mailbox.org/knowledge-base/article/der-tor-exit-node-von-mailbox-org
> (German)
> 
> They operate an exit relay, and suggest to use MapAddress statements and
> the exit notation to use their exit for *.mailbox.org. I didn't see this
> previously, and they also don't explicitly enable exit notation, so I
> wondered if that actually works.
> 
> This requires manual client-side configuration, but the one-sided
> ability to draw traffic for a certain IP (range) to your exit like with
> exit enclaves is also not a good property, right?

Probably not, unless the exit relay can prove that it's run by the same
person that runs the Web server.  For example, it could have a blurb in
its extra-info descriptor that is signed with the Web server's private
key, but there are probably smarter ways.

Cheers,
Philipp


More information about the tor-onions mailing list