-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Arrakistor wrote:

...

I am trying to do the same thing. I would be interested in any help along

On 1/27/06, Chris Palmer wrote: these lines as well!

Yes, maybe it's a conversation best had on-list rather than off-.

The main reason I didn't want to send my justification document to the list is that it might expose my strategy (and any deliberation about it) to the networking people if they monitor this list. I suppose that might be the plays-with-lawyers-well side of me. I could send it if others think it would be helpful (and I guarantee that I'll write up my struggle next week after they've passed judgement on my proposal). I guess I'll just paraphrase the issues and academic stuff: * They want to make sure that my Tor server is not used to attack services/computers on the campus network. Proposal: block all exit traffic to campus IP addresses. * The Library has electronic subscriptions to certain services that are based on IP addresses only. Proposal: block exit connections to those IP addresses given a list or build a list as needed. The eventual list could be thousands of IP addresses long which would have a undetermined impact on Tor's performance. * They're not confident that Tor will obey its exit policies. Proposal: include kernel-level software firewall and possibly a hardware-based firewall device on the Tor box. * They're concerned about bandwidth (although this one is not a biggie). Proposal: limit to 5% of my departments bandwidth (5MBit/s) and then explore burst settings and see how this impacts our department. As for academic justification, in addition to Dean, Sysadmin. and multiple Faculty supporters I've noted that: * We have a postdoc that works on reputation systems in anonymous routing. * Journalism and Law students need a way to be able to communicate with clients/sources and do competitive analyses in a private, secure fashion.[1] * Faculty need to be able to do research on student and faculty candidates without exposing their institutional affiliation.[1] * Students at our school have expressed interest in using our Tor node to incorporate onion-routing concepts into client-side privacy protection tools and research tools (like hidden surveys and such). * Students in networking, privacy, security and cryptography classes (such as myself) could tinker with our Tor node and get hands-on experience with onion-routing, cryptography an anonymity tools. [1] Neither of these require a Tor node (exit or middleman) on campus... but I'd like to make a convincing case that we need to be supporting the network if we're going to be using its services. I would appreciate any comments on any of this... -Joe

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFD2uqjsobNj2jkCc0RAsvdAKCCxh/a2chgeLJJ8n4jbEcRZTtZMQCg3bUw fwKAYmOgMAczuxzQusKiGxw= =TiNd -----END PGP SIGNATURE-----

-- Joseph Lorenzo Hall PhD Student UC Berkeley, School of Information (SIMS) http://josephhall.org/ blog: http://josephhall.org/nqb2/ This email is written in [markdown] - an easily-readable and parseable text format. [markdown]: http://daringfireball.net/projects/markdown/ ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]