mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
b4b9b27adb
svn:r1681
110 lines
4.4 KiB
Plaintext
Legend:
SPEC!! - Not specified
SPEC - Spec not finalized
NICK - nick claims
ARMA - arma claims
- Not done
* Top priority
. Partially done
o Done
D Deferred
X Abandoned

Flag-day changes: (things which are backward incompatible)
o remove link key from directories, from connection_t.
  (just get it from the tls cert)
o Generate link keys on startup; don't store them to disk.
o make onion keys include oaep padding, so you can tell
  if you decrypted it correctly
o Rotate onion keys as needed
D Rotate TLS connections [arma]
o Set expiration times on X509 certs [nickm]
o add bandwidthrate and bandwidthburst to server descriptor [nickm]
o directories need to say who signed them. [nickm]
- remove assumption that 0.0.5 doesn't do rendezvous?
D what other pieces of the descriptors need to change?
  maybe add a section for who's connected to a given router?
  add a flexible section for reputation info?

For September:
- Windows port
- works as client
- deal with pollhup / reached_eof on all platforms
- robust as a client
- works as server
- can be configured
- robust as a server
- docs for building in win
- installer?

- Docs
- FAQ
- overview of tor. how does it work, what's it do, pros and
  cons of using it, why should I use it, etc.
- a howto tutorial with examples
- tutorial: how to set up your own tor network
- (need to not hardcode dirservers file in config.c)
- correct, update, polish spec
- document the exposed function api?
- document what we mean by socks.

- packages
- rpm
- find a long-term rpm maintainer

- code
- better warn/info messages
- let tor do resolves.
- extend socks4 to do resolves?
- make script to ask tor for resolves
- tsocks
- gather patches, submit to maintainer
- intercept gethostbyname and others, do resolve via tor
- redesign and thorough code revamp, with particular eye toward:
- support half-open tcp connections
- conn key rotation
- other transports -- http, airhook
- modular introduction mechanism
- allow non-clique topology

Other details and small things:
. should maybe make clients exit(1) when bad things happen?
  e.g. clock skew.
- should retry exitpolicy end streams even if the end cell didn't
  resolve the address for you
- Add '[...truncated]' or similar to truncated log entries (like the directory
  in connection_dir_process_inbuf()).
. Make logs handle it better when writing to them fails.
- Dirserver shouldn't put you in running-routers list if you haven't
  uploaded a descriptor recently
. Refactor: add own routerinfo to routerlist. Right now, only
  router_get_by_nickname knows about 'this router', as a hack to
  get circuit_launch_new to do the right thing.

Rendezvous service:
- preemptively build and start rendezvous circs
- preemptively build n-1 hops of intro circs?
- cannibalize general circs?
- fix router_get_by_* functions so they can get ourselves too,
  and audit everything to make sure rend and intro points are
  just as likely to be us as not.

In the distant future:
. Scrubbing proxies
- Find an smtp proxy?
. Get socks4a support into Mozilla
- migrate to using IPv6 sizes everywhere
- handle half-open tcp conns
- Extend by nickname/hostname/something, not by IP.
- Need a relay teardown cell, separate from one-way ends.
- Make it harder to circumvent bandwidth caps: look at number of bytes
  sent across sockets, not number sent inside TLS stream.
- Look at having smallcells and largecells
D Advanced directory servers
D Automated reputation management
D Figure out how to do threshold directory servers
D jurisdiction info in dirserver entries? other info?
X On the fly compression of each stream