Re: [tor-dev] The future of GetTor

[Adam Pritchard <a.pritchard@xxxxxxxxxx>]

I'm currently the maintainer of GetTor [1], and together with Nima and
Sukhbir we have been talking about the future of it.

If this conversation moves elsewhere, I would really like to be kept in the loop.Â

I'm the primary maintainer of Psiphon's email auto-responder, which was initially modeled on Tor's approach. Psiphon is, obviously, also extremely interested in robust ways of making our tools available in censoring regions. (So, Satori, etc., are also interesting.)

Relatedly...Â

When doing Logjam, etc., testing on our responder I found testssl.sh[1] to be a handy tool. Used like so:Â

./testssl.sh --mx torproject.org

CheckTLS[2] is also good for actually doing email send and receive tests.

We're currently struggling a bit with just how hardcore we can be in securing our server communications. Right now Postfix is configured[3] to only connect out using TLS and only accept incoming TLS connections from servers with a verifiable cert. That seems reasonable, except... we're getting complaints that Chinese mail services don't meet those criteria, and Chinese users can't/won't/don't use Gmail/Hotmail/Yahoo.

...As an example of the sort of shared hurdles we might encounter.

[1]: https://testssl.sh/

[2]: https://www.checktls.com/

[3]:Âhttps://bitbucket.org/psiphon/psiphon-circumvention-system/src/2d052db9597d/EmailResponder/README.md#markdown-header-sample-maincf

--Â

Adam Pritchard
Psiphon Inc.

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev