Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Tor and network security/administration

  • From: Todd Vierling
  • Date: Wed Jun 21 17:09:52 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=aoa0xlA2ZGm1GM8bK4DbR6VaSdOVHpxqppwxfOGd9omMmL+GbCSsKLjRYgFZvmS0hH+ndSqXJrtn6452V/KKuEwqTN6hPdl9f4umWm8k6y9+eQNb1GbtyoeRs8iL6N63sRRv7VtX9G8Gz1UmrEmVDmXQNKewLRHvcaqnBJWNt5Q=

On 6/21/06, Kevin Day <toasty@dragondata.com> wrote:
Failing that, having an exit node look at HTTP headers back from the
server that contained a "X-No-Anonymous" header to say that the host
at that IP shouldn't allow Tor to use it would work.
What's to stop one or more exit node operators from hacking such a
check right back out of the code?

This is a better idea, but still has a bit of defeats-the-whole-point
to it, as it would depend on people obeying that header voluntarily.
Social vs. technological divide, again.

--
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.