diff options
| author | Nick Mathewson <nickm@torproject.org> | 2007-01-26 06:08:05 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2007-01-26 06:08:05 +0000 |
| commit | f77d56b93eb8aada52e9098213778d047f47c665 (patch) | |
| tree | db052895f96a1912d170c6f58c347827251cafec /proposals/098-todo.txt | |
| parent | c82fbcd057696c5b2c2143e7c5eddeab73d84a1c (diff) | |
| download | torspec-f77d56b93eb8aada52e9098213778d047f47c665.tar.gz torspec-f77d56b93eb8aada52e9098213778d047f47c665.zip | |
r11521@catbus: nickm | 2007-01-26 01:07:55 -0500
Split tor-spec-v2 and dir-voting into component proposals.
svn:r9417
Diffstat (limited to 'proposals/098-todo.txt')
| -rw-r--r-- | proposals/098-todo.txt | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/proposals/098-todo.txt b/proposals/098-todo.txt new file mode 100644 index 0000000..40c2ca5 --- /dev/null +++ b/proposals/098-todo.txt @@ -0,0 +1,62 @@ + + Proposals that should be written + + +For protocol version 2: + + - Fix onionskin handshake scheme to be more mainstream, less nutty. + Can we just do + E(HMAC(g^x), g^x) rather than just E(g^x) ? + No, that has the same flaws as before. We should send + E(g^x, C) with random C and expect g^y, HMAC_C(K=g^xy). + Better ask Ian; probably Stephen too. + - Versioned CREATE and friends + - Length on CREATE and friends + - Versioning on circuits + - Versioning on create cells + - SHA1 is showing its age + - Not being able to upgrade ciphersuites or increase key lengths is + lame. + +Any time: + + - REASON_CONNECTFAILED should include an IP. + - Spec should incorporate some prose from tor-design to be more readable. + - Spec when we should rotate which keys + + +Things that should change... + +B.1. ... but which will require backward-incompatible change + + - Circuit IDs should be longer. + - IPv6 everywhere. + - Maybe, keys should be longer. + - Maybe, key-length should be adjustable. How to do this without + making anonymity suck? + - Drop backward compatibility. + - We should use a 128-bit subgroup of our DH prime. + - Handshake should use HMAC. + - Multiple cell lengths. + - Ability to split circuits across paths (If this is useful.) + - SENDME windows should be dynamic. + + - Directory + - Stop ever mentioning socks ports + +B.1. ... and that will require no changes + + - Mention multiple addr/port combos + - Advertised outbound IP? + - Migrate streams across circuits. + +B.2. ... and that we have no idea how to do. + + - UDP (as transport) + - UDP (as content) + - Use a better AES mode that has built-in integrity checking, + doesn't grow with the number of hops, is not patented, and + is implemented and maintained by smart people. + +Let onion keys be not just RSA but maybe DH too. for the reply onion +design. |