From: Roger Dingledine Date: Mon, 3 Nov 2003 02:54:52 +0000 (+0000) Subject: more minor commits X-Git-Tag: tor-0.0.2pre14~124 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e4e5bc601e51145fdb8877b8f144fa3ed8d5fcb8;p=thirdparty%2Ftor.git more minor commits svn:r726 --- diff --git a/doc/tor-design.tex b/doc/tor-design.tex index 4de0a59f7f..964e51c491 100644 --- a/doc/tor-design.tex +++ b/doc/tor-design.tex @@ -948,14 +948,17 @@ use IP-based authentication (such as institutional mail or web servers) can be fooled by the fact that anonymous connections appear to originate at the exit OR. -We stress that Tor does not enable any new class of abuse. Spammers and -other attackers already have access to thousands of misconfigured systems -worldwide, and the Tor network is far from the easiest way to launch -these antisocial or illegal attacks. But because the onion routers can -easily be mistaken for the originators of the abuse, and the volunteers -who run them may not want to deal with the hassle of repeatedly explaining -anonymity networks, we must block or limit attacks and other abuse that -travel through the Tor network. +We stress that Tor does not enable any new class of abuse. Spammers +and other attackers already have access to thousands of misconfigured +systems worldwide, and the Tor network is far from the easiest way +to launch these antisocial or illegal attacks. Indeed, Tor's limited +anonymity may be a benefit here, because large determined adversaries +may still be able to track down criminals. In any case, because the +%XXX +onion routers can easily be mistaken for the originators of the abuse, +and the volunteers who run them may not want to deal with the hassle of +repeatedly explaining anonymity networks, we must block or limit attacks +and other abuse that travel through the Tor network. To mitigate abuse issues, in Tor, each onion router's \emph{exit policy} describes to which external addresses and ports the router will permit @@ -1123,10 +1126,9 @@ central point. Rendezvous points are a building block for \emph{location-hidden services} (also known as ``responder anonymity'') in the Tor -network. Location-hidden services allow a server Bob to offer a TCP -service, such as a webserver, without revealing the IP of his service. -Besides allowing Bob to provided services anonymously, location -privacy also seeks to provide some protection against distributed DoS attacks: +network. Location-hidden services allow Bob to offer a TCP +service, such as a webserver, without revealing its IP. +We are also motivated by protection against distributed DoS attacks: attackers are forced to attack the onion routing network as a whole rather than just Bob's IP.