On Fri, Sep 12, 2008 at 4:02 AM, Scott Bennett <[EMAIL PROTECTED]> wrote: > Oh. Part of my reason for the call to service for people already > running directory servers was to *avoid* the need for such a change. Not > all countries' laws and jurisprudences adhere to the "common carrier" concept, > as you know. I'd much rather take care of the fragility problem through > voluntary contributions than to slide it with little fanfare into the defaults > for DirPort operations. > You might better invest time in making the information about hidden > service directory service and how to enable it more prominent in the tor > documentation.
I don't believe the common carrier concept applies to hidden services at all, or at least less than traditional tor does. Consider - all hidden service traffic is encrypted for its entire path through the network. The *only* people capable of decrypting this traffic are the client and the service, which means anyone in between (such as your server) is entirely in the dark. Serving the directory is similar - you are mirroring the published services, not endorsing them, hosting them, or looking into their content in any way. There is nothing in place that would allow you to moderate the content of hidden services via the directory, so it would be unreasonable for that to be expected. Given that it is an entirely automated process mirroring descriptors published by other parts of the network (which you have no direct relationship with), and that you have no feasible way of moderating the content, I think even a country without common carrier laws would find this to be not problematic. Also, if this is enabled by default, it will still only be respected if you are already serving the normal tor directory - in countries with laws restrictive enough to prevent mirroring the hidden service directory, it seems that you'd have issues with the standard directory as well, not to mention actual tor traffic. I think the legal risks of the hidden service directory are minimal beside the risks of normal tor traffic, so I doubt it'd be a problem for many node operators (and if it were, they could disable this option again). But, i'm not a lawyer, and certainly not a lawyer in any foreign countries, so this is all just my assumptions. - John Brooks