RE: ietf.org unaccessible for Tor users

"Tony Hain" <alh-ietf@tndh.net> Wed, 16 March 2016 20:42 UTC

From: Tony Hain <alh-ietf@tndh.net>
To: 'Michael StJohns' <mstjohns@comcast.net>, ietf@ietf.org
Date: Wed, 16 Mar 2016 13:42:09 -0700
Subject: RE: ietf.org unaccessible for Tor users
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/2dl6u_ih5KsZeVwRe-_bVdkS10w>
List-Id: IETF-Discussion <ietf.ietf.org>

Michael StJohns wrote:
> On 3/16/2016 3:47 PM, Adam Roach wrote:
> > As is the nature of a service used by people who need to stay
> > anonymous for their own safety,
> 
> There's the set of TOR users, and there's the subset of TOR users that need
> to have the property of "anonymity for safety",  and then there's the set of
> people who need/want access to the IETF.
> 
> Could you provide an educated guess on the size of the intersection of
> those last two sets?   1?  10s? 100s? 1000s?  More?   I'm trying to
> understand the amount of hyperbole being slung about.
> 
> Finally, are there any other methods  besides Tor you can think of that
> would give "anonymity for safety" while still providing access to the IETF
> data? (Hint: asking a friend to photocopy paper or send you a usb stick....
> or...)

I don't have any answer to your question, but a belief that it could grow and shift over time as governments change. Nobody has addressed the question from Antonio Prado about setting up ietf.onion. I have never set up or used Tor, so I may be off base, but it would appear that the IETF could run a Tor router with a bandwidth-throttled exit policy that blocks all addresses except a mirror pointed to by the ietf.onion name. Basically a public hidden service.

Attackers could DoS the throttle, but other than that, it would appear to remove the need for the worse-than-useless CAPTCHA while not opening up the IETF to abuse of the relay, and solve the access problem in the subject line.

Tony