Hello,
As we know, hidden services can be useful for all kinds of legitimate
things (Pond's usage is particularly interesting), however they do also
sometimes get used by botnets and other problematic things.
Tor provides exit policies to let exit relay operators restrict traffic
they consider to be unwanted or abusive. In this way a kind of
international group consensus emerges about what is and is not acceptable
usage of Tor. For instance, SMTP out is widely restricted.
Has there been any discussion of implementing similar controls for hidden
services, where relays would refuse to act as introduction points for
hidden services that match certain criteria e.g. have a particular key, or
whose key appears in a list downloaded occasionally via Tor itself. In this
way relay operators could avoid their resources being used for establishing
communication with botnet CnC servers.
Obviously such a scheme would require a protocol and client upgrade to
avoid nodes building circuits to relays that then refuse to introduce.
The downside is additional complexity. The upside is potentially recruiting
new relay operators.