From f36364d9a376bbaf8f9aa6c55d262d18daf5eb2c Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 11 Jul 2008 19:13:36 +0000 Subject: r16923@tombo: nickm | 2008-07-11 15:12:12 -0400 Mark proposal 150 accepted; add risks section; revise English a bit. svn:r15845 --- proposals/150-exclude-exit-nodes.txt | 45 ++++++++++++++++++++++-------------- 1 file changed, 28 insertions(+), 17 deletions(-) (limited to 'proposals/150-exclude-exit-nodes.txt') diff --git a/proposals/150-exclude-exit-nodes.txt b/proposals/150-exclude-exit-nodes.txt index 02d54b9..10f972f 100644 --- a/proposals/150-exclude-exit-nodes.txt +++ b/proposals/150-exclude-exit-nodes.txt @@ -3,34 +3,45 @@ Title: Exclude Exit Nodes from a circuit Version: $Revision$ Author: Mfr Created: 2008-06-15 -Status: Draft +Status: Accepted Overview - Right now, Tor user can manually exclude a node of all the part of - circuits created using the directive ExcludeNodes. - This proposal makes this exclusion, less restrictive, allowing to - exclude a node only on the exit part of a circuit. + Right now, Tor users can manually exclude a node from all positions + in their circuits created using the directive ExcludeNodes. + This proposal makes this exclusion less restrictive, allowing users to + exclude a node only from the exit part of a circuit. Motivation - Helping the integration into vidalia (tor exit branch)or other tools, - of features to exclude a country for exit without reducing - circuits possibilities, an privacy. - This feature could help people from a country were many sites - are blocked to exclude this country for browsing, giving them a - more stable navigation. - Add the possibility for the user to exclude the current used exit - node. - - + This feature would Help the integration into vidalia (tor exit + branch) or other tools, of features to exclude a country for exit + without reducing circuits possibilities, and privacy. This feature + could help people from a country were many sites are blocked to + exclude this country for browsing, giving them a more stable + navigation. It could also add the possibility for the user to + exclude a currently used exit node. + Implementation ExcludeExitNodes is similar to ExcludeNodes except it's only the exit node which is excluded for circuit build. - + Tor doesn't warn if node from this list is not an exit node. Security implications: - Open also possibilities for a future user bad exit reporting. \ No newline at end of file + Open also possibilities for a future user bad exit reporting + +Risks: + + Use of this option can make users partitionable under certain attak + assumptions. However, ExitNodes already creates this possibility, + so there isn't much increased risk in ExcludeExitNods. + + We should still encourage people who exclude an exit node because + of bad behavior to report it instead of just adding it to their + ExcludeExit list. It would be unfortunate if we didn't find out + about broken exits because of this option. This issue can probably + be addressed sufficiently with documentation. + -- cgit v1.2.3-54-g00ecf