mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
add a few todo items, move some around, answer nick's questions
svn:r14327
This commit is contained in:
parent
95488380db
commit
7519a473da
44
doc/TODO
44
doc/TODO
@ -132,6 +132,8 @@ Nick
|
||||
- Finish buffer stuff in libevent; start using it in Tor.
|
||||
- Tors start believing the contents of NETINFO cells.
|
||||
- Get a "use less buffer ram" patch into openssl.
|
||||
- Work with Steven and Roger to decide which parts of Paul's project
|
||||
he wants to work on.
|
||||
|
||||
Matt
|
||||
- Fit Vidalia in 640x480 again.
|
||||
@ -164,6 +166,7 @@ Steven
|
||||
- Keep bugging us about exploits on the .exit notation.
|
||||
- If relays have 100KB/s but set relaybandwidthrate to 10KB/s, do your
|
||||
interference attacks still work?
|
||||
- Mike's question #3 on https://www.torproject.org/volunteer#Research
|
||||
|
||||
Andrew
|
||||
- Which bundles include Torbutton? Change the docs/tor-doc-foo pages
|
||||
@ -173,12 +176,12 @@ Andrew
|
||||
include Torbutton, they still say it's tor.eff.org, etc.
|
||||
- Should we still be telling you how to use Safari on OS X for Tor,
|
||||
given all the holes that Torbutton-dev solves on Firefox?
|
||||
- Get Google excited about our T&Cs.
|
||||
|
||||
Karsten
|
||||
. Make a hidden services explanation page with the hidden service
|
||||
diagrams. See img/THS-[1-6].png. These need some text to go along
|
||||
with them though, so people can follow what's going on.
|
||||
- Roger should review these
|
||||
- We should consider a single config option TorPrivateNetwork that
|
||||
turns on all the config options for running a private test tor
|
||||
network. having to keep updating all the tools, and the docs,
|
||||
@ -196,6 +199,8 @@ Weasel
|
||||
|
||||
Roger:
|
||||
. Fix FAQ entry on setting up private Tor network
|
||||
- Review Karsten's hidden service diagrams
|
||||
- Prepare the 0.2.0.x Release Notes.
|
||||
|
||||
=======================================================================
|
||||
|
||||
@ -240,6 +245,14 @@ For 0.2.1.x:
|
||||
- Draft proposal for GeoIP aggregation (see external constraints *)
|
||||
- Separate Guard flags for "pick this as a new guard" and "keep this
|
||||
as an existing guard". First investigate if we want this.
|
||||
- Figure out how to make good use of the fallback consensus file. Right
|
||||
now many of the addresses in the fallback consensus will be stale,
|
||||
so it will take dozens of minutes to bootstrap from it. This is a
|
||||
bad first Tor experience. But if we check the fallback consensus
|
||||
file *after* we fail to connect to any authorities, then it may
|
||||
still be valuable as a blocking-resistance step.
|
||||
- Patch our tor.spec rpm package so it knows where to put the fallback
|
||||
consensus file.
|
||||
|
||||
- Tiny designs to write:
|
||||
- Better estimate of clock skew; has anonymity implications. Clients
|
||||
@ -249,10 +262,9 @@ For 0.2.1.x:
|
||||
- Do TLS connection rotation more often than "once a week" in the
|
||||
extra-stable case.
|
||||
|
||||
- Items to backport to 0.2.0.x-rc once solved in 0.2.1.x:
|
||||
R - Figure out the autoconf problem with adding a fallback consensus.
|
||||
R - add a geoip file
|
||||
W - figure out license
|
||||
- Items to backport to 0.2.0.x once solved in 0.2.1.x:
|
||||
R - add a geoip file *
|
||||
W - figure out license *
|
||||
|
||||
- Use less RAM *
|
||||
- Optimize cell pool allocation.
|
||||
@ -276,8 +288,8 @@ W - figure out license
|
||||
- Normalized cipher lists *
|
||||
- Normalized lists of extensions *
|
||||
- Tool improvements:
|
||||
- Get a "use less buffer ram" patch into openssl.
|
||||
- Get IOCP patch into libevent
|
||||
- Get a "use less buffer ram" patch into openssl. *
|
||||
- Get IOCP patch into libevent *
|
||||
|
||||
- Feature removals and deprecations:
|
||||
- Get rid of the v1 directory stuff (making, serving, and caching)
|
||||
@ -319,7 +331,6 @@ P - create a "make win32-bundle" for vidalia-privoxy-tor-torbutton bundle
|
||||
- chroot yourself, including inhibit trying to read config file
|
||||
and reopen logs, unless they are under datadir.
|
||||
|
||||
|
||||
- Should be trivial:
|
||||
- Base relative control socket paths (and other stuff in torrc) on datadir.
|
||||
- Tor logs the libevent version on startup, for debugging purposes.
|
||||
@ -334,18 +345,25 @@ P - create a "make win32-bundle" for vidalia-privoxy-tor-torbutton bundle
|
||||
|
||||
Later, unless people want to implement them now:
|
||||
- Actually use SSL_shutdown to close our TLS connections.
|
||||
- Polipo vs Privoxy
|
||||
- switch out privoxy in the bundles and replace it with polipo.
|
||||
- Consider creating special Tor-Polipo-Vidalia test packages,
|
||||
requested by Dmitri Vitalev (does torbrowser meet this need?)
|
||||
- Include "v" line in networkstatus getinfo values.
|
||||
[Nick: bridge authorities output a networkstatus that is missing
|
||||
version numbers. This is inconvenient if we want to make sure
|
||||
bridgedb gives out bridges with certain characteristics. -RD]
|
||||
- Let tor dir mirrors proxy connections to the tor download site, so
|
||||
if you know a bridge you can fetch the tor software.
|
||||
- when somebody uses the controlport as an http proxy, give them
|
||||
a "tor isn't an http proxy" error too like we do for the socks port.
|
||||
|
||||
Can anybody remember why we wanted to do this and/or what it means?
|
||||
- config option __ControllerLimit that hangs up if there are a limit
|
||||
of controller connections already.
|
||||
[This was mwenge's idea. The idea is that a Tor controller can
|
||||
"fill" Tor's controller slot quota, so jerks can't do cross-protocol
|
||||
attacks like the http form attack. -RD]
|
||||
- configurable timestamp granularity. defaults to 'seconds'.
|
||||
[This was Nick's idea. The idea to make the log timestamps much more
|
||||
vague, so by default they don't help timing attacks much even if
|
||||
they're leaked. -RD]
|
||||
|
||||
|
||||
* * * *
|
||||
@ -379,8 +397,6 @@ Can anybody remember why we wanted to do this and/or what it means?
|
||||
d Limit to 2 dir, 2 OR, N SOCKS connections per IP.
|
||||
- Or maybe close connections from same IP when we get a lot from one.
|
||||
- Or maybe block IPs that connect too many times at once.
|
||||
- when somebody uses the controlport as an http proxy, give them
|
||||
a "tor isn't an http proxy" error too like we do for the socks port.
|
||||
- we try to build 4 test circuits to break them over different
|
||||
servers. but sometimes our entry node is the same for multiple
|
||||
test circuits. this defeats the point.
|
||||
|
Loading…
Reference in New Issue
Block a user