diff options
| author | Nick Mathewson <nickm@torproject.org> | 2007-08-24 14:41:19 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2007-08-24 14:41:19 +0000 |
| commit | a69d526b3100781d1c8512be99d6cfbbb1d45db5 (patch) | |
| tree | f921bc01e46aaa08a2a9d5d801892073447ee1d6 | |
| parent | 7efc165095eb012ade29b635d02d5fb6356eca41 (diff) | |
| download | tor-a69d526b3100781d1c8512be99d6cfbbb1d45db5.tar.gz tor-a69d526b3100781d1c8512be99d6cfbbb1d45db5.zip | |
r14205@Kushana: nickm | 2007-08-24 10:29:26 -0400
Remove a bunch of completed items from the TODO.
svn:r11271
| -rw-r--r-- | doc/TODO | 65 |
1 files changed, 2 insertions, 63 deletions
@@ -57,44 +57,18 @@ Things we'd like to do in 0.2.0.x: away and then returns before the old descriptor has expired. - add a --quiet commandline option that suppresses logs. useful for --hashed-password and maybe others. - o Update dir-spec with decisions made on these issues: - o clients don't log as loudly when they receive them - o they don't count toward the 3-strikes rule - D But eventually, we give up after getting a lot of 503s. - D Delay when we get a lot of 503s, rather than punting onto the - servers that have given us 503s? - o Add a 'BadDirectory' flag to statuses. - o authorities should *never* 503 a cache, and should never 503 - network status requests. - D They can 503 client descriptor requests when they feel like it. - How can they distinguish? Not implemented for now, maybe - should abandon. - o describe our 302 not modified behaviors. - o and document a bit more -- e.g. it looks like we return an empty - 200 OK when somebody asks us for a networkstatus and we don't - have it? - Proposals: . 101: Voting on the Tor Directory System (plus 103) - o Prepare ASAP for new voting formats - o Don't flip out with warnings when voting-related URLs are - uploaded/downloaded. . Finalize proposal - o Merge 101 and 103 and dir-spec.txt into a new dir-spec.txt; fork - the existing one into dir-spec-v2.txt. * Describe schedule in copious detail. - Get authorities voting . Code to manage key certificates - Download as needed. - o Serve list as needed. - o Avoid double-checking signatures every time we get a vote. - . Code to generate consensus from a list of votes * Detect whether votes are really all for the same period. . Push/pull documents as appropriate. - o Serve interim votes and signatures. - Pull votes and signatures if we don't get them. - o Store consensuses - Cache votes and signatures on disk. o Have clients know which authorities are v3 authorities, and what their keys are. @@ -112,16 +86,8 @@ Things we'd like to do in 0.2.0.x: - Start caching consensus documents once authorities make them - Start downloading and using consensus documents once caches serve them . 104: Long and Short Router Descriptors - o Merge proposal - Drop bandwidth history from router-descriptors - 105: Version negotiation for the Tor protocol - o 108: Base "Stable" Flag on Mean Time Between Failures - o Track mtbf in rephist.c - o Do not delete old stability information if we're an authority. - o Make sure authorities call up/down functions as appropriate. - o Record mtbf between invocations - o Base Stable on mtbf. - o Test mtbf logic. - 113: Simplifying directory authority administration - 110: prevent infinite-length circuits (phase one) - servers should recognize relay_extend cells and pass them @@ -159,20 +125,15 @@ Things we'd like to do in 0.2.0.x: - Implement TLS shutdown properly when possible. - Maybe move NT services into their own module. . Autoconf cleanups and improvements: - o Remove redundant event.h check. - o Check for zlib with the same machinery as for libevent and openssl. - o Make the "no longer strictly accurate" message accurate. . Tell the user what -dev package to install based on OS. - Detect correct version of libraries. - o Run autoupdate - Refactor networkstatus generation: - o Use networkstatus_getinfo_helper_single() as base of - networkstatus generation; eliminate duplicate code. - Include "v" line in getinfo values. + - Features: - Traffic priorities - Ability to prioritize own traffic over relayed traffic. - - DNS Proxy + . DNS Proxy - Document it - A better UI for authority ops. - Follow weasel's proposal, crossed with mixminion dir config format @@ -233,8 +194,6 @@ N - Design/implement the "local-status" or something like it, from the - Teach exit policies about ipv6 (consider ipv4/ipv6 interaction!) - ... - Let servers decide to support BEGIN_DIR but not DirPort. - o Tor should bind its ports before dropping privs, so users don't - have to do the ipchains dance. - Blocking-resistance. - It would be potentially helpful to https requests on the OR port by acting like an HTTPS server. @@ -266,10 +225,6 @@ Deferred from 0.1.2.x: - handle connect-dir streams that don't have a chosen_exit_name set. - 'networkstatus arrived' event - More work on AvoidDiskWrites? - - Get some kind of "meta signing key" to be used solely to sign - releases/to certify releases when signed by the right people/ - to certify sign the right people's keys? Also use this to cert the SSL - key, etc. (Proposal 103) - per-conn write buckets - separate config options for read vs write limiting (It's hard to support read > write, since we need better @@ -294,12 +249,6 @@ Deferred from 0.1.2.x: just not try to get) descriptors, so it'll never build circuits. - Tolerate clock skew on bridge relays. - X Eventdns improvements - X Have a way to query for AAAA and A records simultaneously. - X Improve request API: At the very least, add the ability to construct - a more-or-less arbitrary request and get a response. - X (Can we suppress cnames? Should we?) - - Now that we're avoiding exits when picking non-exit positions, we need to consider how to pick nodes for internal circuits. If we avoid exits for all positions, we skew the load balancing. If @@ -359,9 +308,6 @@ M - rewrite how libevent does select() on win32 so it's not so very slow. Minor items for 0.1.2.x as time permits: - include bandwidth breakdown by conn->type in BW events. - o Unify autoconf search code for libevent and openssl. Make code - suggest platform-appropriate "devel" / "dev" / whatever packages - if we can link but we can't find the headers. - Recommend polipo? Please? - Make documentation realize that location of system configuration file will depend on location of system defaults, and isn't always /etc/torrc. @@ -371,9 +317,6 @@ Minor items for 0.1.2.x as time permits: R - add d64 and fp64 along-side d and fp so people can paste status entries into a url. since + is a valid base64 char, only allow one at a time. spec and then do. - o When we export something from foo.c file for testing purposes only, - make a foo_test.h file for test.c to include... or put them behind an - #ifdef FOO_PRIVATE. - The Debian package now uses --verify-config when (re)starting, to distinguish configuration errors from other errors. Perhaps the RPM and other startup scripts should too? @@ -458,9 +401,6 @@ Future version: such errors recently, then don't warn about it. - More consistent error checking in router_parse_entry_from_string(). I can say "banana" as my bandwidthcapacity, and it won't even squeak. - o Include the output of svn info in the binary, so it's trivial to see what - version a binary was built from. - o Do the same for svk info. - Add a doxygen style checker to make check-spaces so nick doesn't drift too far from arma's undocumented styleguide. Also, document that styleguide in HACKING. (See r9634 for example.) @@ -518,7 +458,6 @@ Future version: design. - DoS protection: TLS puzzles, public key ops, bandwidth exhaustion. - Specify? - o tor-resolve script should use socks5 to get better error messages. - hidserv offerers shouldn't need to define a SocksPort * figure out what breaks for this, and do it. - tor should be able to have a pool of outgoing IP addresses |