remove the exit enclaving faq entry

(exit enclaving doesn't work for most users now, since most users only
see the summary exit policy, which describes ports but not addresses.)

this would be a good candidate for an ifaq, if we had one, to explain
what this feature used to be.

Roger Dingledine authored on 12/07/2014 12:56:02
Showing 1 changed files
... ...
@@ -237,7 +237,6 @@ relay.</a></li>
237 237
     communications? Isn't that bad? </a></li>
238 238
     <li><a href="#AmITotallyAnonymous">So I'm totally anonymous if I use
239 239
     Tor?</a></li>
240
-    <li><a href="#ExitEnclaving">What is Exit Enclaving?</a></li>
241 240
     <li><a href="#KeyManagement">Tell me about all the keys Tor
242 241
 uses.</a></li>
243 242
     <li><a href="#EntryGuards">What are Entry Guards?</a></li>
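Review bot: dropping the #ExitEnclaving entry at old line 240 of the question list, together with the anchor removed in the next hunk, means any existing inbound link to that fragment will silently land at the top of the FAQ with no explanation. Suggest checking the rest of the site for references to #ExitEnclaving before merging, or keeping a one-line stub under that id saying the feature no longer works for most clients.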
... ...
@@ -3563,69 +3562,6 @@ diversity,
3563 3562
 
3564 3563
     <hr>
3565 3564
 
3566
-    <a id="ExitEnclaving"></a>
3567
-    <h3><a class="anchor" href="#ExitEnclaving">What is Exit Enclaving?</a>
3568
-    </h3>
3569
-
3570
-    <p>
3571
-    When a machine that runs a Tor relay also runs a public service, such as
3572
-    a webserver, you can configure Tor to offer Exit Enclaving to that
3573
-    service. Running an Exit Enclave for all of your services you wish to
3574
-    be accessible via Tor provides your users the assurance that they will
3575
-    exit through your server, rather than exiting from a randomly selected
3576
-    exit node that could be watched. Normally, a tor circuit would end at
3577
-    an exit node and then that node would make a connection to your service.
3578
-    Anyone watching that exit node could see the connection to your service,
3579
-    and be able to snoop on the contents if it were an unencrypted
3580
-    connection. If you run an Exit Enclave for your service, then the exit
3581
-    from the Tor network happens on the machine that runs your service,
3582
-    rather than on an untrusted random node. This works when Tor clients
3583
-    wishing to connect to this public service extend their circuit
3584
-    to exit from the Tor relay running on that same host. For example, if
3585
-    the server at 1.2.3.4 runs a web server on port 80 and also acts as a
3586
-    Tor relay configured for Exit Enclaving, then Tor clients wishing to
3587
-    connect to the webserver will extend their circuit a fourth hop to exit
3588
-    to port 80 on the Tor relay running on 1.2.3.4.
3589
-    </p>
3590
-    <p>
3591
-    Exit Enclaving is disabled by default to prevent attackers from
3592
-    exploiting trust relationships with locally bound services. For
3593
-    example, often 127.0.0.1 will run services that are not designed to
3594
-    be shared with the entire world. Sometimes these services will also
3595
-    be bound to the public IP address, but will only allow connections if
3596
-    the source address is something trusted, such as 127.0.0.1.
3597
-    </p>
3598
-    <p>
3599
-    As a result of possible trust issues, relay operators must configure
3600
-    their exit policy to allow connections to themselves, but they should
3601
-    do so only when they are certain that this is a feature that they would
3602
-    like. Once certain, turning off the ExitPolicyRejectPrivate option will
3603
-    enable Exit Enclaving. An example configuration would be as follows:
3604
-    </p>
3605
-    <pre>
3606
-    ExitPolicy accept 1.2.3.4:80
3607
-    ExitPolicy reject 127.0.0.1/8
3608
-    ExitPolicyRejectPrivate 0
3609
-    </pre>
3610
-    <p>
3611
-    This option should be used with care as it may expose internal network
3612
-    blocks that are not meant to be accessible from the outside world or
3613
-    the Tor network. Please tailor your ExitPolicy to reflect all netblocks
3614
-    that you want to prohibit access.
3615
-    </p>
3616
-    <p>
3617
-    This option should be used with care as it may expose internal network
3618
-    blocks that are not meant to be accessible from the outside world or
3619
-    the Tor network. Please tailor your ExitPolicy to reflect all netblocks
3620
-    that you want to prohibit access.
3621
-    </p>
3622
-    <p>
3623
-    While useful, this behavior may go away in the future because it is
3624
-    imperfect. A great idea but not such a great implementation.
3625
-    </p>
3626
-
3627
-    <hr>
3628
-
3629 3565
     <a id="KeyManagement"></a>
3630 3566
     <h3><a class="anchor" href="#KeyManagement">Tell me about all the
3631 3567
 keys Tor uses.</a></h3>
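Review bot: the removed block at old lines 3605-3609 is the only place shown here that pairs the "ExitPolicyRejectPrivate 0" example with the warning that it may expose internal network blocks. Operators who already applied that example keep the exposure while, per the commit message, most clients no longer use the enclave. Suggest replacing the entry with a short note that exit enclaving no longer works for most users and that relays configured this way should review their ExitPolicy and ExitPolicyRejectPrivate settings, rather than deleting the text outright. Separately, the "This option should be used with care" paragraph appears twice in the removed text (old lines 3610-3615 and 3616-3621), so if any of it is reused elsewhere, carry over only one copy.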