[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] update based on discussions at discex iii

To: or-cvs@freehaven.net
Subject: [or-cvs] update based on discussions at discex iii
From: arma@seul.org (Roger Dingledine)
Date: Fri, 25 Apr 2003 14:29:48 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: or-cvs-outgoing@seul.org
Delivered-to: or-cvs@seul.org
Delivery-date: Fri, 25 Apr 2003 14:29:55 -0400
Reply-to: or-dev@freehaven.net
Sender: owner-or-cvs@freehaven.net

Update of /home/or/cvsroot/doc
In directory moria.mit.edu:/home/arma/work/onion/cvs/doc

Modified Files:
	FAQ TODO 
Log Message:
update based on discussions at discex iii


Index: FAQ
===================================================================
RCS file: /home/or/cvsroot/doc/FAQ,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- FAQ	5 Apr 2003 19:04:05 -0000	1.3
+++ FAQ	25 Apr 2003 18:29:45 -0000	1.4
@@ -90,7 +90,14 @@
 
 5.1. So I'm totally anonymous if I use tor?
 
+
+
 5.2. Where can I learn more about anonymity?
+
+5.3. What attacks remain against onion routing?
+
+tagging: can change bytes in the cells, even through link encryption
+end node can give back wrong data, even subtly wrong data.
 
 
 6. Comparison to related projects.

Index: TODO
===================================================================
RCS file: /home/or/cvsroot/doc/TODO,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- TODO	18 Apr 2003 18:57:22 -0000	1.5
+++ TODO	25 Apr 2003 18:29:45 -0000	1.6
@@ -17,21 +17,23 @@
                 - aes when we everybody has openssl 0.9.7
         . Topics / circuits
                 o Implement topics
-                - Rotate circuits after N minutes?
-                - Circuits should expire when circuit->expire triggers
+                o Rotate circuits after N minutes?
+                X Circuits should expire when circuit->expire triggers
 NICK            . Handle half-open connections
-                - Figure out what causes connections to close, standardize
-                        when we mark a connection vs when we tear it down
+                        - Figure out what causes connections to close, standardize
+                          when we mark a connection vs when we tear it down
 NICK            - Look at what ssl does to keep from mutating data streams
 NICK    . On the fly compression of each stream
         o Clean up the event loop (optimize and sanitize)
 ARMA    o Remove that awful concept of 'roles'
-ARMA    - Exit policies
-                - Spec how to write the exit policies
+ARMA    . Exit policies
+                o Spec how to write the exit policies
                 - Path selection algorithms
                         - Let user request certain nodes
                         - And disallow certain nodes
-                        - Choose path by jurisdiction, etc?
+                        D Choose path by jurisdiction, etc?
+                - Rewrite how the AP works
+SPEC!!  D Non-clique topologies
         D Implement our own memory management, at least for common structs
         . Appropriate logging
                 - Come up with convention for what log level means what
@@ -51,19 +53,21 @@
                         - We have max workers running
                 - Consider taking the master out of the loop?
         . Directory servers
-                - Automated reputation management
-ARMA            - Include key in source; sign directories
+                D Automated reputation management
+NICK            - Include key in source; sign directories
+                - Add versions to code
 ARMA            - Have directories list recommended-versions
                         - Quit if running the wrong version
                         - Command-line option to override quit
                 . Add more information to directory server entries
-                        - Exit policies
-                        - jurisdiction? others?
-SPEC!!          - Figure out how to do threshold directory servers
+                        o Exit policies
+                        D jurisdiction? others?
+SPEC!!          D Figure out how to do threshold directory servers
         . Scrubbing proxies
                 - Find an smtp proxy?
-                - Find an ftp proxy? Figure out how that would work?
-                - Wait until there are packet redirectors for Linux
+                        - Check the old smtp proxy code
+                o Find an ftp proxy? wget --passive
+                D Wait until there are packet redirectors for Linux
                 . Get socks4a support into Mozilla
         . Get tor to act like a socks server
                 o socks4, socks4a
@@ -79,9 +83,9 @@
                         o Cells
                 . Better comments for functions!
         - Tests
-NICK            - Testing harness/infrastructure
-                - Unit tests
-                - System tests (how?)
+NICK            o Testing harness/infrastructure
+                . Unit tests
+                D System tests (how?)
                 - Performance tests, so we know when we've improved
                         . webload infrastructure (Bruce)
                         . httperf infrastructure (easy to set up)
@@ -89,14 +93,13 @@
         D Deploy a widespread network
         . Router twins
                 o Choose twin if primary is down, when laying circuit
-                - Load balancing between twins
+                D Load balancing between twins
                         - Keep track of load over links/nodes, to
                           know who's hosed
 NICK    - Daemonize and package
                 o Teach it to fork and background
                 - Red Hat spec file
                 - Debian spec file equivalent
-                
         . Autoconf
                 . Which .h files are we actually using? Port to:
                         o Linux
@@ -104,20 +107,24 @@
                         . Solaris
                         . Windows
 NICK                    . OS X
-        . Move away from openssl
+                - openssl randomness
+                - inet_ntoa, stdint.h
+                - Make a script to set up a local network on your machine
+        D Move away from openssl
                 o Abstract out crypto calls
-                D Look at ndss, others? Just include code?
+                D Look at nss, others? Just include code?
 
         . transition addr to sin_addr (huh?)
 
         . Clean up the number of places that get to look at prkey
-SPEC!!  - Non-clique topologies, clearer bandwidth management
+        . Clearer bandwidth management 
+        - Total rate limiting
         . Look at OR handshake in more detail
                 o Spec it
                 - Merge OR and OP handshakes
                         - But figure out how to indicate if we're OR?
-                - Periodic link key rotation. Spec?
+                D Periodic link key rotation. Spec?
         - More flexibility in node addressing
-                - Support IPv6 rather than just 4
-                - Handle multihomed servers
+                D Support IPv6 rather than just 4
+                - Handle multihomed servers (config variable to set IP)

Prev by Author: [or-cvs] bugfix: a circ can"t be youngest if it"s still connecting t...
Previous by thread: [or-cvs] bugfix: a circ can"t be youngest if it"s still connecting t...
Next by thread: [or-cvs] Basic diffie-helman wrappers with fixed modulus and tests
Index(es):
- Author
- Thread