[tor-relays] #2667 [Core Tor/Tor]: Exits should block reentry into the tor network
Roger Dingledine
arma at mit.edu
Wed Jan 31 11:46:01 UTC 2018
On Wed, Jan 31, 2018 at 11:41:00AM +0000, nusenu wrote:
> > Comment (by arma):
> >
> > I continue to think that teaching exit relays to avoid allowing exit
> > connections to known relays (IP:ORPort) is a good and useful step.
> >
> > We keep running across messy situations where letting somebody connect to
> > a relay from an exit relay's IP address turns into a security surprise.
>
> Does that mean that exits will no longer be able to run tor clients (ie. to
> run apt updates via tor)?
No, they are unrelated. The things you describe would be connections
made by the Tor client, and the things I describe would be connections
made by building a circuit to the exit and sending a begin cell.
(Also, if you want to reply to a trac ticket comment, the strategy of
responding on the tor-relays list is a very odd approach. :)
--Roger
More information about the tor-relays
mailing list