aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2008-07-11 19:13:36 +0000
committerNick Mathewson <nickm@torproject.org>2008-07-11 19:13:36 +0000
commitc3194978866ff09d7d074b7863c45e5c92eb05d5 (patch)
tree4801b3d0da27ba18d8e077e0c7af1ba320574454
parent221eccd9fe76f80644dfc640c539effbdaefe65e (diff)
downloadtor-c3194978866ff09d7d074b7863c45e5c92eb05d5.tar
tor-c3194978866ff09d7d074b7863c45e5c92eb05d5.tar.gz
r16923@tombo: nickm | 2008-07-11 15:12:12 -0400
Mark proposal 150 accepted; add risks section; revise English a bit. svn:r15845
-rw-r--r--doc/spec/proposals/000-index.txt4
-rw-r--r--doc/spec/proposals/150-exclude-exit-nodes.txt45
2 files changed, 30 insertions, 19 deletions
diff --git a/doc/spec/proposals/000-index.txt b/doc/spec/proposals/000-index.txt
index 95fe65011..aa8126d82 100644
--- a/doc/spec/proposals/000-index.txt
+++ b/doc/spec/proposals/000-index.txt
@@ -72,7 +72,7 @@ Proposals by number:
147 Eliminate the need for v2 directories in generating v3 directories [ACCEPTED]
148 Stream end reasons from the client side should be uniform [ACCEPTED]
149 Using data from NETINFO cells [OPEN]
-150 Exclude Exit Nodes from a circuit [DRAFT]
+150 Exclude Exit Nodes from a circuit [ACCEPTED]
151 Improving Tor Path Selection [DRAFT]
@@ -84,7 +84,6 @@ Proposals by status:
133 Incorporate Unreachable ORs into the Tor Network
141 Download server descriptors on demand
144 Increase the diversity of circuits by detecting nodes belonging the
- 150 Exclude Exit Nodes from a circuit
151 Improving Tor Path Selection
OPEN:
121 Hidden Service Authentication
@@ -105,6 +104,7 @@ Proposals by status:
140 Provide diffs between consensuses
147 Eliminate the need for v2 directories in generating v3 directories
148 Stream end reasons from the client side should be uniform
+ 150 Exclude Exit Nodes from a circuit
META:
000 Index of Tor Proposals
001 The Tor Proposal Process
diff --git a/doc/spec/proposals/150-exclude-exit-nodes.txt b/doc/spec/proposals/150-exclude-exit-nodes.txt
index 02d54b984..10f972fab 100644
--- a/doc/spec/proposals/150-exclude-exit-nodes.txt
+++ b/doc/spec/proposals/150-exclude-exit-nodes.txt
@@ -3,34 +3,45 @@ Title: Exclude Exit Nodes from a circuit
Version: $Revision$
Author: Mfr
Created: 2008-06-15
-Status: Draft
+Status: Accepted
Overview
- Right now, Tor user can manually exclude a node of all the part of
- circuits created using the directive ExcludeNodes.
- This proposal makes this exclusion, less restrictive, allowing to
- exclude a node only on the exit part of a circuit.
+ Right now, Tor users can manually exclude a node from all positions
+ in their circuits created using the directive ExcludeNodes.
+ This proposal makes this exclusion less restrictive, allowing users to
+ exclude a node only from the exit part of a circuit.
Motivation
- Helping the integration into vidalia (tor exit branch)or other tools,
- of features to exclude a country for exit without reducing
- circuits possibilities, an privacy.
- This feature could help people from a country were many sites
- are blocked to exclude this country for browsing, giving them a
- more stable navigation.
- Add the possibility for the user to exclude the current used exit
- node.
-
-
+ This feature would Help the integration into vidalia (tor exit
+ branch) or other tools, of features to exclude a country for exit
+ without reducing circuits possibilities, and privacy. This feature
+ could help people from a country were many sites are blocked to
+ exclude this country for browsing, giving them a more stable
+ navigation. It could also add the possibility for the user to
+ exclude a currently used exit node.
+
Implementation
ExcludeExitNodes is similar to ExcludeNodes except it's only
the exit node which is excluded for circuit build.
-
+
Tor doesn't warn if node from this list is not an exit node.
Security implications:
- Open also possibilities for a future user bad exit reporting. \ No newline at end of file
+ Open also possibilities for a future user bad exit reporting
+
+Risks:
+
+ Use of this option can make users partitionable under certain attak
+ assumptions. However, ExitNodes already creates this possibility,
+ so there isn't much increased risk in ExcludeExitNods.
+
+ We should still encourage people who exclude an exit node because
+ of bad behavior to report it instead of just adding it to their
+ ExcludeExit list. It would be unfortunate if we didn't find out
+ about broken exits because of this option. This issue can probably
+ be addressed sufficiently with documentation.
+