[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] Clean TODO indentation
Update of /home/or/cvsroot/doc
In directory moria.mit.edu:/tmp/cvs-serv25481/doc
Modified Files:
TODO
Log Message:
Clean TODO indentation
Index: TODO
===================================================================
RCS file: /home/or/cvsroot/doc/TODO,v
retrieving revision 1.187
retrieving revision 1.188
diff -u -d -r1.187 -r1.188
--- TODO 27 Oct 2004 03:08:43 -0000 1.187
+++ TODO 27 Oct 2004 03:14:54 -0000 1.188
@@ -10,239 +10,238 @@
D Deferred
X Abandoned
- 0.0.9pre4:
- o Don't use FascistFirewall if you're going via Tor, or if
- you're going via HttpProxy.
- o make RecommendedVersions a CONFIG_TYPE_LINELIST option
- o node 'groups' that are known to be in the same zone of control.
- o Nodes can list their coadministrated nodes.
- o If A lists B, it only counts if B also lists A
- o Users can list other coadministrated nodes if they like.
- o Never choose two coadministrated nodes in the same circuit.
- o let tor servers use proxies for port 80 exits
- o Use generic port redirector for IP/bits:Port->IP:Port .
- o Make use of them when we're doing exit connections.
- X We should set things in options to NULL, not rely on memset(...0)
- being equivalent.
- o We should check for memset(0) setting things to NULL with
- autoconf, and then rely on it in the code.
+0.0.9pre4:
+ o Don't use FascistFirewall if you're going via Tor, or if
+ you're going via HttpProxy.
+ o make RecommendedVersions a CONFIG_TYPE_LINELIST option
+ o node 'groups' that are known to be in the same zone of control.
+ o Nodes can list their coadministrated nodes.
+ o If A lists B, it only counts if B also lists A
+ o Users can list other coadministrated nodes if they like.
+ o Never choose two coadministrated nodes in the same circuit.
+ o let tor servers use proxies for port 80 exits
+ o Use generic port redirector for IP/bits:Port->IP:Port .
+ o Make use of them when we're doing exit connections.
+ X We should set things in options to NULL, not rely on memset(...0)
+ being equivalent.
+ o We should check for memset(0) setting things to NULL with
+ autoconf, and then rely on it in the code.
- 0.0.9pre5/6:
- o Replace running-routers with a router-status line that can be used
- without a list of router descriptors.
- o Add a log handler that sends stuff to syslog.
- o Deprecate unofficial configuration abbrevs; make official abbrevs
- only official on the command line.
- - per-month byte allowances.
-N - Based on bandwidth and per-month allowance, choose a
- window within month to be up. Stay up until allowance is
- used. Adjust next month's window based on outcome. Hibernate
- when we're not up.
-R - Hibernate means "stop accepting connections, and start sleeping"
- Implement hibernation. Have a separate
- about-to-start-hibernating state implemented in similar way to
- will shut-down-in-30-seconds state.
- - Rendezvous service bug: can we nail it down?
-R . bandwidth buckets for write as well as read.
-N - Make watchdogged clients check cached-directory mtime to avoid
- fetching directory in a tight loop.
- - Implement If-Modified-Since for directories.
-N - Handle rendezvousing with unverified nodes.
- - Specify: Stick rendezvous point's key in INTRODUCE cell.
- Bob should _always_ use key from INTRODUCE cell.
- - Implement.
-R - figure out enclaves, e.g. so we know what to recommend that people
- do, and so running a tor server on your website is helpful.
- - Do enclaves for same IP only.
- - Resolve first, then if IP is an OR, connect to next guy.
-N - Pure C tor_resolve
-N - the user interface interface
- - Skeleton only.
- - Implement parts along with trivial fun gui.
-N - add ipv6 support.
- - Spec issue: if a resolve returns an IP4 and an IP6 address,
- which to use?
-N&R - Update Spec
-R - learn from ben about his openssl-reinitialization-trick to
- rotate tls keys without making new connections.
- - (Roger grabs Ben next time he sees him on IRC)
- - christian grothoff's attack of infinite-length circuit.
- the solution is to have a separate 'extend-data' cell type
- which is used for the first N data cells, and only
- extend-data cells can be extend requests.
- - have a pool of circuits available, cannibalize them
- for your purposes (e.g. rendezvous, etc).
- D nt services on win32.
- - Once we have a trusted directory on port 80, stop falling back to
- forbidden ports when fascistfirewall blocks all good dirservers.
+0.0.9pre5/6:
+ o Replace running-routers with a router-status line that can be used
+ without a list of router descriptors.
+ o Add a log handler that sends stuff to syslog.
+ o Deprecate unofficial configuration abbrevs; make official abbrevs
+ only official on the command line.
+ - per-month byte allowances.
+N - Based on bandwidth and per-month allowance, choose a
+ window within month to be up. Stay up until allowance is
+ used. Adjust next month's window based on outcome. Hibernate
+ when we're not up.
+R - Hibernate means "stop accepting connections, and start sleeping"
+ Implement hibernation. Have a separate
+ about-to-start-hibernating state implemented in similar way to
+ will shut-down-in-30-seconds state.
+ - Rendezvous service bug: can we nail it down?
+R . bandwidth buckets for write as well as read.
+N - Make watchdogged clients check cached-directory mtime to avoid
+ fetching directory in a tight loop.
+ - Implement If-Modified-Since for directories.
+N - Handle rendezvousing with unverified nodes.
+ - Specify: Stick rendezvous point's key in INTRODUCE cell.
+ Bob should _always_ use key from INTRODUCE cell.
+ - Implement.
+R - figure out enclaves, e.g. so we know what to recommend that people
+ do, and so running a tor server on your website is helpful.
+ - Do enclaves for same IP only.
+ - Resolve first, then if IP is an OR, connect to next guy.
+N - Pure C tor_resolve
+N - the user interface interface
+ - Skeleton only.
+ - Implement parts along with trivial fun gui.
+N - add ipv6 support.
+ - Spec issue: if a resolve returns an IP4 and an IP6 address,
+ which to use?
+N&R - Update Spec
+R - learn from ben about his openssl-reinitialization-trick to
+ rotate tls keys without making new connections.
+ - (Roger grabs Ben next time he sees him on IRC)
+ - christian grothoff's attack of infinite-length circuit.
+ the solution is to have a separate 'extend-data' cell type
+ which is used for the first N data cells, and only
+ extend-data cells can be extend requests.
+ - have a pool of circuits available, cannibalize them
+ for your purposes (e.g. rendezvous, etc).
+ D nt services on win32.
+ - Once we have a trusted directory on port 80, stop falling back to
+ forbidden ports when fascistfirewall blocks all good dirservers.
- 0.0.9 and beyond:
- - fix sprintf's to snprintf's?
- . Make intro points and rendezvous points accept $KEYID in addition
- to nicknames.
- o Specify
- o Implement parsing
- - Generate new formats (Not till 007 is dead)
- - make loglevel info less noisy
- - Facility to automatically choose long-term helper nodes; perhaps
- on by default for hidden services.
- - Make command-line strict about checking options; make only certain
- option prefixes work.
- - Rate-limit OR and directory connections overall and per-IP and
- maybe per subnet.
- - put expiry date on onion-key, so people don't keep trying
- old ones that they could know are expired?
-* Leave on todo list, see if pre3 onion fixes helped enough.
- - should the running-routers list put unverified routers at the
- end?
-* Cosmetic, don't do it yet.
- - make advertised_server_mode() ORs fetch dirs more often.
-* not necessary yet.
- - Add a notion of nickname->Pubkey binding that's not 'verification'
-* eventually, only when needed
- - ORs use uniquer default nicknames
-* Don't worry about this for now
- - Handle full buffers without totally borking
-* do this eventually, no rush.
- - do resolve before trying to attach the stream
-* don't do this for now.
- - if destination IP is running a tor node, extend a circuit there
- before sending begin.
-* don't do this for now. figure out how enclaves work. but do enclaves soon.
- - Support egd or other non-OS-integrated strong entropy sources
+ 0.0.9 and beyond:
+ - fix sprintf's to snprintf's?
+ . Make intro points and rendezvous points accept $KEYID in addition
+ to nicknames.
+ o Specify
+ o Implement parsing
+ - Generate new formats (Not till 007 is dead)
+ - make loglevel info less noisy
+ - Facility to automatically choose long-term helper nodes; perhaps
+ on by default for hidden services.
+ - Make command-line strict about checking options; make only certain
+ option prefixes work.
+ - Rate-limit OR and directory connections overall and per-IP and
+ maybe per subnet.
+ - put expiry date on onion-key, so people don't keep trying
+ old ones that they could know are expired?
+ * Leave on todo list, see if pre3 onion fixes helped enough.
+ - should the running-routers list put unverified routers at the
+ end?
+ * Cosmetic, don't do it yet.
+ - make advertised_server_mode() ORs fetch dirs more often.
+ * not necessary yet.
+ - Add a notion of nickname->Pubkey binding that's not 'verification'
+ * eventually, only when needed
+ - ORs use uniquer default nicknames
+ * Don't worry about this for now
+ - Handle full buffers without totally borking
+ * do this eventually, no rush.
+ - do resolve before trying to attach the stream
+ * don't do this for now.
+ - if destination IP is running a tor node, extend a circuit there
+ before sending begin.
+ * don't do this for now. figure out how enclaves work. but do
+ enclaves soon.
+ - Support egd or other non-OS-integrated strong entropy sources
- more features, complex:
- - password protection for on-disk identity key
- . Switch dirservers entries to config lines:
- o read in and parse each TrustedDir config line.
- o stop reading dirservers file.
- o add some default TrustedDir lines if none defined, or if
- no torrc.
- o remove notion of ->is_trusted_dir from the routerlist. that's
- no longer where you look.
- o clean up router parsing flow, since it's simpler now?
- o when checking signature on a directory, look it up in
- options.TrustedDirs, and make sure there's a descriptor
- with that nickname, whose key hashes to the fingerprint,
- and who correctly signed the directory.
- o when fetching a directory, if you want a trusted one,
- choose from the trusteddir list.
- o which means keeping track of which ones are "up"
- ? if you don't need a trusted one, choose from the routerinfo
- list if you have one, else from the trusteddir list.
-* roger will do the above
- - add a listener for a ui
-* nick chats with weasel
- - and a basic gui
- - Have clients and dirservers preserve reputation info over
- reboots.
-* continue not doing until we have something we need to preserve
- - round detected bandwidth up to nearest 10KB?
- - client software not upload descriptor until:
- - you've been running for an hour
- - it's sufficiently satisfied with its bandwidth
- - it decides it is reachable
- - start counting again if your IP ever changes.
- - never regenerate identity keys, for now.
- - you can set a bit for not-being-an-OR.
-* no need to do this yet. few people define their ORPort.
- - authdirserver lists you as running iff:
- - he can connect to you
- - he has successfully extended to you
- - you have sufficient mean-time-between-failures
-* keep doing nothing for now.
+ more features, complex:
+ - password protection for on-disk identity key
+ . Switch dirservers entries to config lines:
+ o read in and parse each TrustedDir config line.
+ o stop reading dirservers file.
+ o add some default TrustedDir lines if none defined, or if
+ no torrc.
+ o remove notion of ->is_trusted_dir from the routerlist. that's
+ no longer where you look.
+ o clean up router parsing flow, since it's simpler now?
+ o when checking signature on a directory, look it up in
+ options.TrustedDirs, and make sure there's a descriptor
+ with that nickname, whose key hashes to the fingerprint,
+ and who correctly signed the directory.
+ o when fetching a directory, if you want a trusted one,
+ choose from the trusteddir list.
+ o which means keeping track of which ones are "up"
+ ? if you don't need a trusted one, choose from the routerinfo
+ list if you have one, else from the trusteddir list.
+ * roger will do the above
+ - add a listener for a ui, and a basic GUI
+ - and a basic gui
+ - Have clients and dirservers preserve reputation info over
+ reboots.
+ * continue not doing until we have something we need to preserve
+ - round detected bandwidth up to nearest 10KB?
+ - client software not upload descriptor until:
+ - you've been running for an hour
+ - it's sufficiently satisfied with its bandwidth
+ - it decides it is reachable
+ - start counting again if your IP ever changes.
+ - never regenerate identity keys, for now.
+ - you can set a bit for not-being-an-OR.
+ * no need to do this yet. few people define their ORPort.
+ - authdirserver lists you as running iff:
+ - he can connect to you
+ - he has successfully extended to you
+ - you have sufficient mean-time-between-failures
+ * keep doing nothing for now.
- blue sky:
- - Possible to get autoconf to easily install things into ~/.tor?
+ blue sky:
+ - Possible to get autoconf to easily install things into ~/.tor?
- ongoing:
- . rename/rearrange functions for what file they're in
- - generalize our transport: add transport.c in preparation for
- http, airhook, etc transport.
+ ongoing:
+ . rename/rearrange functions for what file they're in
+ - generalize our transport: add transport.c in preparation for
+ http, airhook, etc transport.
NICK - investigate sctp for alternate transport.
For September:
NICK . Windows port
- o works as client
- - deal with pollhup / reached_eof on all platforms
- . robust as a client
- . works as server
- - can be configured
- - robust as a server
- . Usable as NT service
- - docs for building in win
- - installer, including all needed libs.
+ o works as client
+ - deal with pollhup / reached_eof on all platforms
+ . robust as a client
+ . works as server
+ - can be configured
+ - robust as a server
+ . Usable as NT service
+ - docs for building in win
+ - installer, including all needed libs.
- - Docs
- . FAQ
- o overview of tor. how does it work, what's it do, pros and
- cons of using it, why should I use it, etc.
- - a howto tutorial with examples
-* put a stub on the wiki
- o tutorial: how to set up your own tor network
- o (need to not hardcode dirservers file in config.c)
- - Make tutorial reflect this.
- - port forwarding howto for ipchains, etc
-* roger add to wiki of requests
- . correct, update, polish spec
- - document the exposed function api?
- o document what we mean by socks.
+ - Docs
+ . FAQ
+ o overview of tor. how does it work, what's it do, pros and
+ cons of using it, why should I use it, etc.
+ - a howto tutorial with examples
+ * put a stub on the wiki
+ o tutorial: how to set up your own tor network
+ o (need to not hardcode dirservers file in config.c)
+ - Make tutorial reflect this.
+ - port forwarding howto for ipchains, etc
+ * roger add to wiki of requests
+ . correct, update, polish spec
+ - document the exposed function api?
+ o document what we mean by socks.
-NICK . packages
- . rpm
-* nick will look at the spec file
- - find a long-term rpm maintainer
-* roger will start guilting people
+N . packages
+ . rpm
+ * nick will look at the spec file
+ - find a long-term rpm maintainer
+ * roger will start guilting people
- - code
- - better warn/info messages
- o let tor do resolves.
- o extend socks4 to do resolves?
- o make script to ask tor for resolves
- - write howto for setting up tsocks, socat.
- - including on osx and win32
- - freecap handling
- - tsocks
- o gather patches, submit to maintainer
-* send him a reminder mail and see what's up.
- - intercept gethostbyname and others
-* add this to tsocks
- o do resolve via tor
- - redesign and thorough code revamp, with particular eye toward:
- - support half-open tcp connections
- - conn key rotation
- - other transports -- http, airhook
- - modular introduction mechanism
- - allow non-clique topology
+ - code
+ - better warn/info messages
+ o let tor do resolves.
+ o extend socks4 to do resolves?
+ o make script to ask tor for resolves
+ - write howto for setting up tsocks, socat.
+ - including on osx and win32
+ - freecap handling
+ - tsocks
+ o gather patches, submit to maintainer
+ * send him a reminder mail and see what's up.
+ - intercept gethostbyname and others
+ * add this to tsocks
+ o do resolve via tor
+ - redesign and thorough code revamp, with particular eye toward:
+ - support half-open tcp connections
+ - conn key rotation
+ - other transports -- http, airhook
+ - modular introduction mechanism
+ - allow non-clique topology
Other details and small and hard things:
- - tor should be able to have a pool of outgoing IP addresses
- that it is able to rotate through. (maybe)
- - tie into squid
- - hidserv offerers shouldn't need to define a SocksPort
-* figure out what breaks for this, and do it.
- - when the client fails to pick an intro point for a hidserv,
- it should refetch the hidserv desc.
- . should maybe make clients exit(1) when bad things happen?
- e.g. clock skew.
- - should retry exitpolicy end streams even if the end cell didn't
- resolve the address for you
- . Make logs handle it better when writing to them fails.
- o Dirserver shouldn't put you in running-routers list if you haven't
- uploaded a descriptor recently
- . Refactor: add own routerinfo to routerlist. Right now, only
- router_get_by_nickname knows about 'this router', as a hack to
- get circuit_launch_new to do the right thing.
- . Scrubbing proxies
- - Find an smtp proxy?
- . Get socks4a support into Mozilla
- - Need a relay teardown cell, separate from one-way ends.
- - Make it harder to circumvent bandwidth caps: look at number of bytes
- sent across sockets, not number sent inside TLS stream.
- - fix router_get_by_* functions so they can get ourselves too,
- and audit everything to make sure rend and intro points are
- just as likely to be us as not.
-
+ - tor should be able to have a pool of outgoing IP addresses
+ that it is able to rotate through. (maybe)
+ - tie into squid
+ - hidserv offerers shouldn't need to define a SocksPort
+ * figure out what breaks for this, and do it.
+ - when the client fails to pick an intro point for a hidserv,
+ it should refetch the hidserv desc.
+ . should maybe make clients exit(1) when bad things happen?
+ e.g. clock skew.
+ - should retry exitpolicy end streams even if the end cell didn't
+ resolve the address for you
+ . Make logs handle it better when writing to them fails.
+ o Dirserver shouldn't put you in running-routers list if you haven't
+ uploaded a descriptor recently
+ . Refactor: add own routerinfo to routerlist. Right now, only
+ router_get_by_nickname knows about 'this router', as a hack to
+ get circuit_launch_new to do the right thing.
+ . Scrubbing proxies
+ - Find an smtp proxy?
+ . Get socks4a support into Mozilla
+ - Need a relay teardown cell, separate from one-way ends.
+ - Make it harder to circumvent bandwidth caps: look at number of bytes
+ sent across sockets, not number sent inside TLS stream.
+ - fix router_get_by_* functions so they can get ourselves too,
+ and audit everything to make sure rend and intro points are
+ just as likely to be us as not.
***************************Future tasks:****************************