Opened 5 years ago

Closed 2 years ago

#14424 closed enhancement (duplicate)

Enhance policies (exit, reachableaddresses, etc) to support hostnames

Reported by: Kyuske Owned by: tbb-team
Priority: Medium Milestone: Tor: very long term
Component: Core Tor/Tor Version:
Severity: Normal Keywords: needs-proposal
Cc: Actual Points:
Parent ID: #22340 Points: 20
Reviewer: Sponsor:

Description

Hello. First of all, amazing software! Thank you for this. I was wondering if there is a way to edit torrc to only connect to comcast, att, mit.edu etc..As you can edit the file to only connect to US servers, but I need it for specific ISP's. Thank you!

Child Tickets

Change History (5)

comment:1 Changed 4 years ago by cypherpunks

Component: Tor BrowserTor Support
Owner: changed from tbb-team to phoul
Severity: Normal
Version: Tor: 0.2.5.10

comment:2 Changed 4 years ago by cypherpunks

Component: Tor SupportTor Browser
Owner: changed from phoul to tbb-team

comment:3 Changed 4 years ago by teor

Component: Tor BrowserTor
Milestone: Tor: very long term
Priority: HighMedium

This is a core tor feature request.

It could be implemented by extending ReachableAddresses to resolve DNS names when parsing the policy.

But there are a few issues with this:

  • DNS resultion results change, we would have to periodically refresh the policy;
    • do we do this based on record TTL?
    • what if DNS fails? temporarily? permanently?
    • this has caused us other issues in the past
  • DNS names can resolve to multiple IP addresses depending on time and location and various other factors, how can we know we have them all?
  • tor tries very hard not to depend on DNS because it can be a weak link - it's not authenticated,
  • leaking the sites users are prepared to access via DNS queries could identify the user, or make those sites the target of attacks.

comment:4 Changed 2 years ago by nickm

Keywords: needs-proposal added
Points: 20
Summary: Connecting by HostnameEnhance policies (exit, reachableaddresses, etc) to support hostnames

comment:5 Changed 2 years ago by nickm

Parent ID: #22340
Resolution: duplicate
Status: newclosed

Reparenting and closing as duplicates of their parent.

Note: See TracTickets for help on using tickets.