aboutsummaryrefslogtreecommitdiff
path: root/proposals/098-todo.txt
diff options
context:
space:
mode:
Diffstat (limited to 'proposals/098-todo.txt')
-rw-r--r--proposals/098-todo.txt62
1 files changed, 62 insertions, 0 deletions
diff --git a/proposals/098-todo.txt b/proposals/098-todo.txt
new file mode 100644
index 0000000..40c2ca5
--- /dev/null
+++ b/proposals/098-todo.txt
@@ -0,0 +1,62 @@
+
+ Proposals that should be written
+
+
+For protocol version 2:
+
+ - Fix onionskin handshake scheme to be more mainstream, less nutty.
+ Can we just do
+ E(HMAC(g^x), g^x) rather than just E(g^x) ?
+ No, that has the same flaws as before. We should send
+ E(g^x, C) with random C and expect g^y, HMAC_C(K=g^xy).
+ Better ask Ian; probably Stephen too.
+ - Versioned CREATE and friends
+ - Length on CREATE and friends
+ - Versioning on circuits
+ - Versioning on create cells
+ - SHA1 is showing its age
+ - Not being able to upgrade ciphersuites or increase key lengths is
+ lame.
+
+Any time:
+
+ - REASON_CONNECTFAILED should include an IP.
+ - Spec should incorporate some prose from tor-design to be more readable.
+ - Spec when we should rotate which keys
+
+
+Things that should change...
+
+B.1. ... but which will require backward-incompatible change
+
+ - Circuit IDs should be longer.
+ - IPv6 everywhere.
+ - Maybe, keys should be longer.
+ - Maybe, key-length should be adjustable. How to do this without
+ making anonymity suck?
+ - Drop backward compatibility.
+ - We should use a 128-bit subgroup of our DH prime.
+ - Handshake should use HMAC.
+ - Multiple cell lengths.
+ - Ability to split circuits across paths (If this is useful.)
+ - SENDME windows should be dynamic.
+
+ - Directory
+ - Stop ever mentioning socks ports
+
+B.1. ... and that will require no changes
+
+ - Mention multiple addr/port combos
+ - Advertised outbound IP?
+ - Migrate streams across circuits.
+
+B.2. ... and that we have no idea how to do.
+
+ - UDP (as transport)
+ - UDP (as content)
+ - Use a better AES mode that has built-in integrity checking,
+ doesn't grow with the number of hops, is not patented, and
+ is implemented and maintained by smart people.
+
+Let onion keys be not just RSA but maybe DH too. for the reply onion
+design.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion