summaryrefslogtreecommitdiff
path: root/doc/TODO
blob: e8bd43df6228e6d06220ef6eaf1e6ae3a1d9d433 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
Legend:
SPEC!!  - Not specified
SPEC    - Spec not finalized
NICK    - nick claims
ARMA    - arma claims
        - Not done
        * Top priority
        . Partially done
        o Done
        D Deferred
        X Abandoned

Flag-day changes: (things which are backward incompatible)
        o remove link key from directories, from connection_t.
          (just get it from the tls cert)
        o Generate link keys on startup; don't store them to disk.
        o make onion keys include oaep padding, so you can tell
          if you decrypted it correctly
        o Rotate onion keys as needed
        D Rotate TLS connections [arma]
        o Set expiration times on X509 certs [nickm]
        o add bandwidthrate and bandwidthburst to server descriptor [nickm]
        o directories need to say who signed them. [nickm]
        - remove assumption that 0.0.5 doesn't do rendezvous?
        D what other pieces of the descriptors need to change?
          maybe add a section for who's connected to a given router?
          add a flexible section for reputation info?

For September:
        - Windows port
          - works as client
            - deal with pollhup / reached_eof on all platforms
          - robust as a client
          - works as server
            - can be configured
          - robust as a server
          - docs for building in win
          - installer?

        - Docs
          - FAQ
          - overview of tor. how does it work, what's it do, pros and
            cons of using it, why should I use it, etc.
          - a howto tutorial with examples
          - tutorial: how to set up your own tor network
            - (need to not hardcore dirservers file in config.c)
          - correct, update, polish spec
          - document the exposed function api?
          - document what we mean by socks.

        - packages
          - rpm
          - find a long-term rpm maintainer

        - code
          - better warn/info messages
          - let tor do resolves.
          - extend socks4 to do resolves?
          - make script to ask tor for resolves
          - tsocks
            - gather patches, submit to maintainer
            - intercept gethostbyname and others, do resolve via tor
          - redesign and thorough code revamp, with particular eye toward:
            - support half-open tcp connections
            - conn key rotation
            - other transports -- http, airhook
            - modular introduction mechanism
            - allow non-clique topology

Other details and small things:
        . should maybe make clients exit(1) when bad things happen?
          e.g. clock skew.
        - should retry exitpolicy end streams even if the end cell didn't
          resolve the address for you
        - Add '[...truncated]' or similar to truncated log entries (like the directory
          in connection_dir_process_inbuf()).
        . Make logs handle it better when writing to them fails.
        - Dirserver shouldn't put you in running-routers list if you haven't
          uploaded a descriptor recently
        . Refactor: add own routerinfo to routerlist.  Right now, only
          router_get_by_nickname knows about 'this router', as a hack to
          get circuit_launch_new to do the right thing.

Rendezvous service:
        - preemptively build and start rendezvous circs
        - preemptively build n-1 hops of intro circs?
        - cannibalize general circs?
        - fix router_get_by_* functions so they can get ourselves too,
          and audit everything to make sure rend and intro points are
          just as likely to be us as not.

In the distant future:
        . Scrubbing proxies
                - Find an smtp proxy?
                . Get socks4a support into Mozilla
        - migrate to using IPv6 sizes everywhere
        - handle half-open tcp conns
        - Extend by nickname/hostname/something, not by IP.
        - Need a relay teardown cell, separate from one-way ends.
        - Make it harder to circumvent bandwidth caps: look at number of bytes
          sent across sockets, not number sent inside TLS stream.
        - Look at having smallcells and largecells
        D Advanced directory servers
                D Automated reputation management
                D Figure out how to do threshold directory servers
                D jurisdiction info in dirserver entries? other info?
        X On the fly compression of each stream