Hi Tim,

Thanks for your comments! Appreciated as always :-)

On 05/01/16 at 02:15, Tim Wilson-Brown - teor wrote:
>
>> On 5 Jan 2016, at 11:29, Tom van der Woerdt <i...@tvdw.eu
>> <mailto:i...@tvdw.eu>> wrote:
>> ...
>> 2.1. Exit flagging
>>
>> By replacing the port 6667 (IRC) entry with a port 5222 (XMPP) entry, Exit
>> flags can no longer be assigned to relays that exit only to unencrypted
>> ports.
>
> One consequence of this proposal is that relays that only exit to 443
> and 6667 will lose the Exit flag.
> But these relays do exit to an encrypted port, so this somewhat
> contradicts the goal of the proposal:
> "Exit flags can no longer be assigned to relays that exit only to
> unencrypted ports."

(Sorry for the huge Perl oneliner -- it's a consensus parser...)

$ curl -q http://128.31.0.34:9131/tor/status-vote/current/consensus 2>/dev/null | perl -nle'
    @l= split /\s/, $_;
    if ($l[0] eq "r") {
      # a new "r" line starts the next relay: evaluate the previous one first
      if ($r) {
        if (grep { "Exit" eq $_ } @{$r->{s}//[]}) {
          # expand the port list of the "p" line, ranges included
          my @ports= split ",", $r->{p}[2];
          @ports= map { $_ =~ /(\d+)\-(\d+)/ ? eval("$1..$2") : $_ } @ports;
          my %p= map { $_ => 1 } @ports;
          if ($p{443} && !$p{80} && $p{6667} && !$p{5222}) {
            print "$r->{r}[1] $r->{w}[1]";
          }
        }
      }
      push @r, $r={}
    }
    # store the fields of every line under its keyword (r, s, w, p, ...)
    $r->{$l[0]}= [@l];'

(tlcr: any relay that currently holds an Exit flag and allows exiting to 443 and 6667, but not 80 or 5222.)

tiggersWeltTor1 Bandwidth=2600
smallegyptrela01 Bandwidth=22

These two relays will be impacted, indeed.

>
> Why not make the rule: "at least one of 80/6667, and at least one of
> 443/5222".

Also sounds good to me. I opted for the smallest possible change (6667->5222) but what you're suggesting lgtm.

>
> I am also concerned about the choice of XMPP "because the XMPP protocol
> is slowly gaining popularity within the
> communities on the internet".
> Shouldn't we focus on secure protocols that are widely used right now?
>
> Alternately, we could add other widely used SSL ports in addition to
> XMPP, and perhaps increase the rule to "at least two SSL ports".

Imho the challenge is in finding port number(s) that accurately reflect what Tor is for, while also having a sufficiently large user base for it to be relevant.

XMPP probably has more users than IRC, and is a good match for what I think Tor would consider important (communication). Also note that we now have Tor Messenger.

Other protocols (SSH, IMAP, POP3, SMTP) are indeed more popular but I feel that those less reflect the goals of the project, and they are certainly abused more.

>
> Tim
>
> Tim Wilson-Brown (teor)
>
> teor2345 at gmail dot com
> PGP 968F094B
>
> teor at blah dot im
> OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
>
> _______________________________________________
> tor-dev mailing list
> tor-dev@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
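
An added example, not part of the thread: the three candidate Exit-flag port rules compared over consensus "p" port summaries, including "reject" summaries, which permit every port they do not list. Assumptions: the "current" rule (at least two of 80, 443, 6667) is taken from dir-spec as it stood at the time of this thread, not from the message itself; the /8 address-space condition is ignored; the relay names, the rule labels and the sample entries are constructed.

```python
# Constructed consensus excerpt (only "r" and "p" lines); not real relays.
SAMPLE = """\
r relayA
p accept 443,6667
r relayB
p accept 80,443,5222,6660-6669
r relayC
p reject 1-442,444-6666,6668-65535
r relayE
p accept 80,6667
"""

# Flag rules as predicates over ok(port). "current" is an assumption (see lead-in).
RULES = {
    "current": lambda ok: sum(map(ok, (80, 443, 6667))) >= 2,
    "proposal": lambda ok: sum(map(ok, (80, 443, 5222))) >= 2,
    "teor": lambda ok: (ok(80) or ok(6667)) and (ok(443) or ok(5222)),
}

def parse(text):
    """Return {nickname: (kind, [(lo, hi), ...])} from the 'p' port summaries."""
    relays, nick = {}, None
    for line in text.splitlines():
        fields = line.split()
        if fields[:1] == ["r"]:
            nick = fields[1]
        elif fields[:1] == ["p"] and nick:
            # "443" becomes (443, 443); "6660-6669" becomes (6660, 6669)
            ranges = [tuple(map(int, (r.split("-") * 2)[:2])) for r in fields[2].split(",")]
            relays[nick] = (fields[1], ranges)
    return relays

def allows(policy, port):
    """An accept list permits listed ports; a reject list permits the rest."""
    kind, ranges = policy
    listed = any(lo <= port <= hi for lo, hi in ranges)
    return listed if kind == "accept" else not listed

def losers(text, old, new):
    """Relays that satisfy rule `old` but not rule `new`."""
    out = []
    for nick, policy in parse(text).items():
        ok = lambda port, p=policy: allows(p, port)
        if RULES[old](ok) and not RULES[new](ok):
            out.append(nick)
    return out

if __name__ == "__main__":
    print(losers(SAMPLE, "current", "proposal"))
    print(losers(SAMPLE, "current", "teor"))
```
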