Git Product home page Git Product logo

ip-reputation's Introduction

IP Reputation

IP addresses are currently used as a source of “reputation” in conjunction with other signals to protect against malicious traffic. Servers use these reputations in determining whether or not a given packet, connection, or flow corresponds to malicious traffic. Tor exit nodes often have bad reputation because there exists some client sending bad traffic through the node. Absent any sort of signal beyond the IP address, all connections through the exit node are assigned the same reputation. Fundamentally, the current ecosystem operates by making the paths of a connection accountable for bad traffic, rather than the sources of the traffic itself. This is problematic because paths are shared by multiple clients and are impermanent. Ideally, clients could present proof of reputation that is separate from the IP address, and uniquely bound to a given connection.

Terminology

  • Reputation: A random variable with some distribution. A reputation can either be "bad" or "good" with some probability according to the distribution.
  • Reputation signal: A representative of a reputation.
  • Reputation proof: A non-interactive zero knowledge proof of a reputation signal.
  • Reputation context: The context in which a given reputation applies.
  • Identity: Any identifying information about an end-user or service, be it a client or server, including IP addresses.

Client requirements

  • Clients MUST be able to request and present new reputation proofs on demand.
  • A reputation signal MUST NOT be linkable to any identifying information for which the signal corresponds.
  • Clients MUST be able to demonstrate good faith and improve reputation if needed.
  • Clients MUST be able to dispute their reputation.
  • Clients MUST be able to determine and verify the context in which a given reputation applies.
  • Reputation signals MUST NOT remain valid indefinitely. (Clients must obtain new reputation signals periodically.)

Server requirements

  • Reputation signals MUST be bound to a context, and MUST NOT be transferrable across contexts.
  • Clients MUST NOT be able to transfer reputations.

Original material from Matthew Finkel on the PEARG mailing list.

ip-reputation's People

Contributors

chris-wood avatar

Stargazers

David Turner avatar

Watchers

Frank Denis avatar James Cloos avatar Brad Lassey avatar Matthew Finkel avatar avatar marwan avatar avatar

ip-reputation's Issues

Generalize beyond application to Tor?

IP reputation harms more users than those who use Tor. While Tor is a prime example of why an IP address is not (and should not be) associated with a specific user, VPN users face a similar problem. The introduction could become a little more motivating if it is less Tor-specific, and focuses on the general proxying case (regardless of Tor, commercial VPN, CGNAT, etc.).

PrivacyPass provides a nice example of this, where it was originally designed for the Tor Browser use case, it is now used by 100k+ VPN users.

Clarify relationship between Identity and Reputation

The Terminology section defines:
Identity: Any identifying information about an end-user or service, be it a client or server, including IP addresses.

But the only place I see identity referenced is in:
A reputation signal MUST NOT be linkable to any identifying information for which the signal corresponds.

Should/Can Identity be used more concretely? Does that require another entity that derives a reputation from an Identity and other parameters?

IP address requirement?

(I'm being a little pedantic, sorry in advance).

This document is called IP Reputation, is IP shorthand for IP address? I'm asking because it talks about how IP addresses are used in calculating a reputation, and then the introduction section concludes by saying clients could present proof of reputation that is separate from the IP address, and uniquely bound to a given connection. However, Identity is specifically defined as Any identifying information about an end-user or service [...] including IP addresses.

Questions:

  1. Should the definition of Identity be possibly including IP addresses?
  2. Can this document decouple Reputation/Identity and IP addresses, or are they fundamentally coupled such that the IP address will always influence a Reputation (even if only by a small amount)?
  3. Should this document be renamed as (something like) Client/Connection Reputation, instead of IP Reputation?

Obviously, I want to completely decouple IP addresses and reputation, and I'd like to work towards realizing the ideal solution you described at the end of the intro.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.