[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Tor Weekly News â October 31st, 2015

Tor Weekly News                                       October 31st, 2015

Welcome to the thirty-seventh issue in 2015 of Tor Weekly News, the
weekly newsletter that covers whatâs happening in the Tor community.


 1. IETF reserves .onion as a Special-Use Domain Name
 2. Tor proposal updates
 3. Miscellaneous news
 4. Upcoming events

IETF reserves .onion as a Special-Use Domain Name

Several years of effort by Tor Project members and contributors bore
fruit this week when the Internet Engineering Task Force, which develops
and promotes voluntary standards for Internet technologies, recognized
the .onion suffix as a special-use domain name [1].

As Jacob Appelbaum, who led the charge along with Facebook security
engineer Alec Muffett, explained: âIETF name reservations are part of a
lesser known process that ensures a registered Special-Use Domain Name
will not become a Top Level Domain (TLD) to be sold by the Internet
Corporation For Assigned Names and Numbers (ICANN).â In other words, it
will not be possible for domain registrars to sell web addresses ending
in .onion; if it were, it would create problems for Torâs hidden service
system, which uses that suffix to allow users to run anonymous and
censorship-resistant web services accessible via the Tor Browser.

Another benefit of the name reservation is that it will now be possible
to buy Extended Validation (EV) SSL certificates for .onion domains, a
system which Facebook has trialled on its own popular hidden
service [2].

âWe think that this is a small and important landmark in the movement to
build privacy into the structure of the Internetâ, wrote Jacob.
Congratulations to all those who spent time drafting this proposal and
advocating for its adoption.

  [1]: https://blog.torproject.org/blog/landmark-hidden-services-onion-names-reserved-ietf
  [2]: https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs

Tor proposal updates

Torâs body of development proposals, documents that plan for
improvements and changes in Torâs software ecosystem, has seen some
additions, updates, and reviews over the past week.

Nick Mathewson published proposal 256 [3], which examines methods for
revoking the long-lived public keys used by Tor relays and directory
authorities in the event that they are compromised, or the operator
believes there is a significant possibility that they have been
compromised. Andrea Shepard wrote proposal 258 [4], explaining how
directory authorities could mitigate the risk of denial-of-service (DOS)
attacks by classifying the types of directory requests they receive and
setting thresholds for each. Nick and Andrea together published proposal
257 [5], which identifies the different functions performed by directory
authorities and examines how the risk of DOS attacks could be reduced by
âisolating the security-critical, high-resource, and
availability-critical pieces of our directory infrastructure from one

George Kadianakis published a review [6] of all the open proposals
relevant to next-generation hidden services, giving a summary of each
one along with its current status, âso that researchers and developers
have easier access to themâ.

Proposal 250, which specifies how directory authorities can come up with
a shared random value every day, and which George describes as âa
prerequisiteâ for all other work on next-gen hidden services, was itself
updated to reflect changes in the implementation, which is almost
finished, as David Goulet explained [7]. Finally, Tim Wilson-Brown
(teor) published a revised version [8] of the as-yet unnumbered proposal
for ârendevous single onion servicesâ, âan alternative design for single
onion services, which trade service-side location privacy for improved
performance, reliability, and scalabilityâ.

If you have any comments on these or other Tor proposals, feel free to
post your thoughts to the tor-dev mailing list.

  [3]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009798.html
  [4]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009821.html
  [5]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009799.html
  [6]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009762.html
  [7]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009812.html
  [8]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009763.html

Miscellaneous news

The Tor BSD Diversity Project [9], âan effort to extend the use of the
BSD Unixes into the Tor ecosystem, from the desktop to the networkâ,
announced [10] the release of an OpenBSD port of Tor Browser 5.0.3, its
sixth Tor Browser release for BSD systems. See attilaâs announcement for
download instructions, as well as a report on the TDPâs other
development and advocacy activities.

  [9]: https://torbsd.github.io/
 [10]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009800.html

Torâs Metrics team, âa group of Tor people who care about measuring and
analyzing things in the public Tor networkâ, now has its own public
mailing list and wiki page, as Karsten Loesing announced [11]. There is
a simple step to complete before you can post freely to the list, but
anyone interested in âmeasurements and analysisâ is welcome to listen in
on discussions, and to check the teamâs roadmap and workflow on the wiki

 [11]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009808.html

âIn an attempt to make Pluggable Transports more accessible to other
people, and to have a spec that is more applicable and useful to other
projects that seek to use Pluggable Transports for circumventionâ,
Yawning Angel drafted a rewrite of the pluggable transports spec
document [12]. No behavior changes are specified in this rewrite, but
âunless people have serious objections, this will replace the existing
PT spec, to serve as a stop-gap while the next revision of the PT spec
(that does alter behavior) is being drafted/implementedâ.

 [12]: https://lists.torproject.org/pipermail/tor-dev/2015-October/009815.html

Simone Bassano published a report [13] on the OONI hackathon that took
place in Rome at the start of October. A working beta version of
MeasurementKit and progress on NetworkMeter, as well as ways to make use
of censorship data, were among the outcomes.

 [13]: https://lists.torproject.org/pipermail/ooni-dev/2015-October/000353.html

Upcoming events

  Nov 02 17:00 UTC | OONI team meeting
                   | #ooni, itc.oftc.net
  Nov 02 19:00 UTC | Tor Browser meeting
                   | #tor-dev, irc.oftc.net
  Nov 03 16:00 UTC | SponsorR meeting
                   | #tor-dev, irc.oftc.net
  Nov 03 18:00 UTC | Core Tor patch workshop
                   | #tor-dev, irc.oftc.net
  Nov 03 19:00 UTC | Tails contributors meeting
                   | #tails-dev, irc.oftc.net
                   | https://mailman.boum.org/pipermail/tails-project/2015-October/000335.html
  Nov 04 15:30 UTC | Network team meeting
                   | #tor-dev, irc.oftc.net
  Nov 05 14:00 UTC | Metrics team meeting
                   | #tor-dev, irc.oftc.net
                   | https://trac.torproject.org/projects/tor/wiki/org/teams/MetricsTeam
  Nov 05 15:00 UTC | 1-1-1 task exchange meeting
                   | #tor-dev, irc.oftc.net

This issue of Tor Weekly News has been assembled by Harmony.

Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
important news. Please see the project page [14], write down your
name and subscribe to the team mailing list [15] if you want to
get involved!

 [14]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
 [15]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to