Opened 11 years ago

Closed 4 years ago

#800 closed enhancement (wontfix)

Add the ability to operate as an exit enclave exclusively

Reported by: micah
Owned by:
Priority: Low
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version: 0.2.1.4-alpha
Severity:
Keywords: needs-proposal tor-relay
Cc: micah, nickm, intrigeri@…
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description (last modified by nickm)

I would like to set up exit enclaves for all of the public facing services that I manage. However, I would like
these exit enclaves to just be exit enclaves, and not be routing other tor traffic through them as an intermediary.

I want to contribute to the tor network by routing tor network traffic, providing a bridge and an exit node, but I prefer
to separate these logically and topologically in our network and not bundle them together. This is especially true
because I've got multiple services in the same rack that are all configured identically that I would like each to
exit enclave for their services that they provide to the public, but not each individually be routing tor traffic as
intermediaries.

I would like to route tor traffic for others, but on a different box (and on a different network in some cases), but
not when I am exit enclaving.

[Automatically added by flyspray2trac: Operating System: All]

Change History (11)

comment:1 Changed 11 years ago by micah

I should mention that I've configured my exit enclave in this manner:

http://wiki.noreply.org/noreply/TheOnionRouter/ExitEnclave

comment:2 Changed 11 years ago by arma

This is a good idea, but hard to do right. Needs a proposal.

I'm going to add a note about it to the development roadmap. My current
thought is that what you want is a "secure service" -- the same thing as
a Tor "hidden service" except you only use one-hop routing on your side.

So clients would access your service by the hash of its public key, something
like http://duskgytldkxiuqc6.exit/, and it would go to your exit enclave.

The trouble with having it automatically "intercept" requests to normal domain
names like http://indymedia.org/ is that the client doesn't know to ask you
whether you're the right place to exit from. And even if it did ask you, why
should it believe you?

comment:3 Changed 9 years ago by nickm

Description: modified (diff)
Milestone: post 0.2.1.x → Tor: unspecified

Still needs a design and a proposal. Moving to the "unspecified" benchmark.

comment:4 Changed 8 years ago by ioerror

I'd like to propose that we simply make a shorthand option that does all of the above stuff automatically. I'd say something simple like "OfferExitEnclave 1" should do the trick on a server - it would open the exit policy for all services on the exit host's public IP. Alternatively, we could also take a port list. I think having OfferExitEnclave as a bool would be great as it would allow for lots of dynamic services to take advantage of Tor without advanced configuration knowledge.

Anything more specific should require hand-tuned rules for exiting, I think.

comment:5 Changed 8 years ago by intrigeri

Cc: intrigeri@… added

comment:6 Changed 8 years ago by Sebastian

We should consider closing this as wontfix unless we fix exit enclaving for microdescriptors.

comment:7 Changed 7 years ago by nickm

Keywords: needs-proposal added

comment:8 Changed 7 years ago by nickm

Keywords: tor-relay added

comment:9 Changed 7 years ago by nickm

Component: Tor Relay → Tor

comment:10 Changed 4 years ago by isis

We should consider closing this since we don't even support exit enclaving anymore.

comment:11 Changed 4 years ago by arma

Resolution: None → wontfix
Status: new → closed

Closing. Maybe the right answer is to offer an onion version of the website, with the upcoming short-circuit options. In any case the big challenge here is letting the user know the mapping from ordinary web name to more secure address, whether that's in the .onion domain or the defunct .exit domain or what.
