On Sep 16, 2014, at 9:54 AM, Paul Wouters <paul@xxxxxxxxx> wrote: >> As for it being sad, I see it as a reasonable tradeoff in today’s Internet. > > How many attacks has ietf.org been under? Dunno, but given how sadly easy it is to mount DOS attacks, I’d be surprised if there haven’t been some. > Can the vendor not distinguish > between tor nodes towards ietf.org and tor nodes towards other sites? Is there a canonical list of Tor nodes? If so, then maybe, however it’s been a couple of years since I was at CloudFlare, so I’d just be guessing. > We > have contributors in countries where using tor to access IETF might > actually be a requirement. No doubt. > How does this mechanism work when there is traffic using TLS? Is there a > MITM cert? Probably best to ask the folks at CloudFlare. Regards, -drc
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail