IETF Logo Mail Archive

Re: ietf.org unaccessible for Tor users

Eliot Lear <lear@cisco.com> Tue, 15 March 2016 11:12 UTC

Return-Path: <lear@cisco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FDA012D9B8 for <ietf@ietfa.amsl.com>; Tue, 15 Mar 2016 04:12:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WhAF7z3Ca3kP for <ietf@ietfa.amsl.com>; Tue, 15 Mar 2016 04:12:27 -0700 (PDT)
Received: from aer-iport-4.cisco.com (aer-iport-4.cisco.com [173.38.203.54]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4062D12D91E for <ietf@ietf.org>; Tue, 15 Mar 2016 04:12:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2416; q=dns/txt; s=iport; t=1458040340; x=1459249940; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to; bh=OxqS7N7QugI9xuuRj43e9Th+qTKW4QXVqakWfjzPnpQ=; b=Z112TCESz1K3iVntEk15jQiNYV1wCMMkauTDAsQpAf5YCF0xabVXUfsT pr+E1YZpvxWeNRcane13HYoJt61mg8Org0C/b4W6gg4waxPQODTYUPZRr OWE5NzEkuUuJdddmx/d9vtvHhT4dgiEElvYImLhgwcysMtS84jUSPwNdI o=;
X-Files: signature.asc : 481
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BkBgDB7edW/xbLJq1ehBhtvE0jhWoCggIBAQEBAQFlJ0ESAYNuAQECAiNVARALGAkWCwICCQMCAQIBRQYBDAgBARWIDA6tI49PAQEBAQEBAQEBAQEBAQEBAQEBAQEOCIpchzuBOgWXT4McgWZtiBKCMIcBhVSOf2KDZjsuAQGDA4deAQEB
X-IronPort-AV: E=Sophos;i="5.24,338,1454976000"; d="asc'?scan'208";a="636262271"
Received: from aer-iport-nat.cisco.com (HELO aer-core-2.cisco.com) ([173.38.203.22]) by aer-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Mar 2016 11:12:18 +0000
Received: from [10.61.234.176] ([10.61.234.176]) by aer-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id u2FBCH5c004054; Tue, 15 Mar 2016 11:12:18 GMT
Subject: Re: ietf.org unaccessible for Tor users
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Paul Wouters <paul@nohats.ca>
References: <20160313143521.GC26841@Hirasawa> <m2a8m0y72q.wl%randy@psg.com> <F04B3B85-6B14-43BA-9A21-FC0A31E79065@piuha.net> <56E7E09D.7040100@cisco.com> <4349AFDD-350C-4217-9BEE-3DBD2F608F95@nohats.ca> <56E7EAA0.1050907@cs.tcd.ie>
From: Eliot Lear <lear@cisco.com>
Message-ID: <56E7EE10.9000802@cisco.com>
Date: Tue, 15 Mar 2016 12:12:16 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <56E7EAA0.1050907@cs.tcd.ie>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="O3m9geWTwHM3684e8GviBvA4FIjXu529U"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/By8aiWZ4Y6_5h8By-i9Nt2wWd_o>
Cc: Yui Hirasawa <yui@cock.li>, IETF Disgust List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2016 11:12:29 -0000


On 3/15/16 11:57 AM, Stephen Farrell wrote:
> I fully agree that we ought enable people to access the IETF
> site via Tor. That is entirely consistent with [1] (as is
> still allowing plaintext, so let's not re-do that discussion:-)
> Actually, I'd say that making life harder for people who
> choose to use Tor is inconsistent with the spirit of [1]
> unless there's some very good reason for that, e.g. if it
> put other folks access to the IETF site at significant risk.
> I don't think that last is the case.

Unless Tor itself is used for botnet C&C [1,2]?

Eliot

[1]
https://www.defcon.org/images/defcon-18/dc-18-presentations/D.Brown/DEFCON-18-Brown-TorCnC.pdf
[2] http://www.welivesecurity.com/2013/07/24/the-rise-of-tor-based-botnets/

v2.23.0 | Report a Bug | By Email