1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
Legend:
SPEC!! - Not specified
SPEC - Spec not finalized
NICK - nick claims
ARMA - arma claims
- Not done
* Top priority
. Partially done
o Done
D Deferred
X Abandoned
Flag-day changes: (things which are backward incompatible)
o remove link key from directories, from connection_t.
(just get it from the tls cert)
o Generate link keys on startup; don't store them to disk.
o make onion keys include oaep padding, so you can tell
if you decrypted it correctly
o Rotate onion keys as needed
D Rotate TLS connections [arma]
o Set expiration times on X509 certs [nickm]
o add bandwidthrate and bandwidthburst to server descriptor [nickm]
o directories need to say who signed them. [nickm]
- remove assumption that 0.0.5 doesn't do rendezvous?
D what other pieces of the descriptors need to change?
maybe add a section for who's connected to a given router?
add a flexible section for reputation info?
For September:
- Windows port
- works as client
- deal with pollhup / reached_eof on all platforms
- robust as a client
- works as server
- can be configured
- robust as a server
- docs for building in win
- installer?
- Docs
- FAQ
- overview of tor. how does it work, what's it do, pros and
cons of using it, why should I use it, etc.
- a howto tutorial with examples
- tutorial: how to set up your own tor network
- (need to not hardcore dirservers file in config.c)
- correct, update, polish spec
- document the exposed function api?
- document what we mean by socks.
- packages
- rpm
- find a long-term rpm maintainer
- code
- better warn/info messages
- let tor do resolves.
- extend socks4 to do resolves?
- make script to ask tor for resolves
- tsocks
- gather patches, submit to maintainer
- intercept gethostbyname and others, do resolve via tor
- redesign and thorough code revamp, with particular eye toward:
- support half-open tcp connections
- conn key rotation
- other transports -- http, airhook
- modular introduction mechanism
- allow non-clique topology
Other details and small things:
. should maybe make clients exit(1) when bad things happen?
e.g. clock skew.
- should retry exitpolicy end streams even if the end cell didn't
resolve the address for you
- Add '[...truncated]' or similar to truncated log entries (like the directory
in connection_dir_process_inbuf()).
. Make logs handle it better when writing to them fails.
- Dirserver shouldn't put you in running-routers list if you haven't
uploaded a descriptor recently
. Refactor: add own routerinfo to routerlist. Right now, only
router_get_by_nickname knows about 'this router', as a hack to
get circuit_launch_new to do the right thing.
Rendezvous service:
- preemptively build and start rendezvous circs
- preemptively build n-1 hops of intro circs?
- cannibalize general circs?
- fix router_get_by_* functions so they can get ourselves too,
and audit everything to make sure rend and intro points are
just as likely to be us as not.
In the distant future:
. Scrubbing proxies
- Find an smtp proxy?
. Get socks4a support into Mozilla
- migrate to using IPv6 sizes everywhere
- handle half-open tcp conns
- Extend by nickname/hostname/something, not by IP.
- Need a relay teardown cell, separate from one-way ends.
- Make it harder to circumvent bandwidth caps: look at number of bytes
sent across sockets, not number sent inside TLS stream.
- Look at having smallcells and largecells
D Advanced directory servers
D Automated reputation management
D Figure out how to do threshold directory servers
D jurisdiction info in dirserver entries? other info?
X On the fly compression of each stream
|