[tor-relays] Is there a reason for all exit nodes being public?

Paul Syverson paul.syverson at nrl.navy.mil
Wed Dec 7 14:33:41 UTC 2016


On Wed, Dec 07, 2016 at 02:15:55PM +0200, Rana wrote:
> >How would that work? First of all, the clients need to know which exit nodes exist, so that they can build circuits. That list, as well as that of the middle nodes, is public, otherwise you'd have to manually request exits by email/web service/… As a result you'd be limited to a few exits, which might not necessarily have an exit policy matching your needs, or might be offline, or simply overloaded on account of there being less than regular exits.
> The same way bridges work. They are not published.
> 
> >By the way, I just checked, Gmail works without problems over Tor (both Web and IMAPS).
> Using Gmail over Tor when they already know who you are is
> self-defeating. Try to register an anonymous Gmail account using
> Tor.

Responses have already been given in this thread about trying to
obtain an email account that is anonymous (err, pseudonymous) with the
intended meaning that the service provider is not directly given
another identity (phone number, etc.) intended to be kept
separate---where "given" means that the service provider can (easily)
associate these. (So not some sort of ZKP of a blinded credential, etc.)

'Anonymous' often gets thrown around quite recklessly, but the much
more important problem with the above statement is perpetuating the
false impression that letting a service provider know such
associations must be contrary to the goals of Tor.  As we wrote in
1996, "Our motivation here is not to provide anonymous communication,
but to separate identification from routing. Authenticating
information must be carried in the data stream...  use of a public
network should not automatically reveal the identities of
communicating parties. The goal here is anonymous routing, not
anonymity." As of last April, Facebook reported over a million users
per month via Tor. As to Gmail, you might want to access Gmail over
Tor to complicate geo-location by Gmail, or because you don't want a
local ISP (or your VPN provider or...) to know you are accessing
Gmail, or...

aloha,
Paul

