CDRv2 discussion (was: Re: Al-qaeda.net deprecated)

[coderman]

On Fri, Jan 24, 2014 at 7:07 PM, Riad S. Wahby <rsw at jfet.org> wrote:
> ... I would hesitate to peer with any node that didn't
> forward everything and let me apply my own filter. I assume most other
> operators would as well, so practically speaking no one would run a node
> that didn't (claim to) forward everything.

keep it simple: NO FILTERING

if you can read this you are tall enough to filter/tag/label your own self.



> Next question: how paranoid are we, i.e., do we attempt to enforce this
> policy somehow?

node operators who suspect filtering should post to the other
remailers and cryptome. John likes spam.

if the filter is due to absurd and extreme levels of zero information
DoS[0] then notify the other remailers and cryptome with the filter
you used so they can follow suit.



> This goes beyond fault tolerance towards attempting to
> solve the problem of enforcing peering contracts with untrusted CDRv2
> nodes, which is clearly a more... intersting one.

this is not simple, and not recommended.



> I have been busy with real life, and haven't dedicated much more time to
> thinking about this. I'm hopeful that tomorrow I will have the
> opportunity to do so at least a little bit.

another benefit of simple: your limited efforts more likely to reach utility :)



0.  please note the intentional use of absurd, and extreme, and zero
information with respect to specifically DoS.
if someone is sending noise at 50/sec that should promptly and always
generate a null route.

"spam" is nebulous and too easy to filter. forget about it; not a
problem.  and of course if you've been compelled through legal
pressure in your jurisdiction to cull from archives, if you publish
them, notify the other remailers and cryptome so they can mirror and
publicize.



best regards,