From e4e5bc601e51145fdb8877b8f144fa3ed8d5fcb8 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Mon, 3 Nov 2003 02:54:52 +0000 Subject: [PATCH] more minor commits svn:r726 --- doc/tor-design.tex | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/doc/tor-design.tex b/doc/tor-design.tex index 4de0a59f7f..964e51c491 100644 --- a/doc/tor-design.tex +++ b/doc/tor-design.tex @@ -948,14 +948,17 @@ use IP-based authentication (such as institutional mail or web servers) can be fooled by the fact that anonymous connections appear to originate at the exit OR. -We stress that Tor does not enable any new class of abuse. Spammers and -other attackers already have access to thousands of misconfigured systems -worldwide, and the Tor network is far from the easiest way to launch -these antisocial or illegal attacks. But because the onion routers can -easily be mistaken for the originators of the abuse, and the volunteers -who run them may not want to deal with the hassle of repeatedly explaining -anonymity networks, we must block or limit attacks and other abuse that -travel through the Tor network. +We stress that Tor does not enable any new class of abuse. Spammers +and other attackers already have access to thousands of misconfigured +systems worldwide, and the Tor network is far from the easiest way +to launch these antisocial or illegal attacks. Indeed, Tor's limited +anonymity may be a benefit here, because large determined adversaries +may still be able to track down criminals. In any case, because the +%XXX +onion routers can easily be mistaken for the originators of the abuse, +and the volunteers who run them may not want to deal with the hassle of +repeatedly explaining anonymity networks, we must block or limit attacks +and other abuse that travel through the Tor network. To mitigate abuse issues, in Tor, each onion router's \emph{exit policy} describes to which external addresses and ports the router will permit @@ -1123,10 +1126,9 @@ central point. Rendezvous points are a building block for \emph{location-hidden services} (also known as ``responder anonymity'') in the Tor -network. Location-hidden services allow a server Bob to offer a TCP -service, such as a webserver, without revealing the IP of his service. -Besides allowing Bob to provided services anonymously, location -privacy also seeks to provide some protection against distributed DoS attacks: +network. Location-hidden services allow Bob to offer a TCP +service, such as a webserver, without revealing its IP. +We are also motivated by protection against distributed DoS attacks: attackers are forced to attack the onion routing network as a whole rather than just Bob's IP.