From 1eef207b51ddbb92c2bc4a02ae7b46929583355b Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 10:39:46 -0600 Subject: Use mdbook-linkcheck to detect missing defs for ref-style links Suppose in raw markdown we have: ```markdown See [foo][barr]. [bar]: https://link-to-bar ``` The intent is to link the text "foo", but because of a typo it used the label barr instead of bar. The result is that the rendered html won't have a link at all. The text will be rendered literally as `[foo][barr]`. Since there's no link (not even a broken one), a link checker run over the rendered output won't spot the problem. The mdbook-linkcheck plugin correctly detects this issue. However, it doesn't understand links that go between our two mdbook projects since the relative paths in the source don't match the relative paths in the rendered output. Since checking whether the links are non-broken is already covered by `bin/check_links` (using linklint), we can disable checking the link destinations altogether. --- .gitlab-ci.yml | 4 ++-- mdbook/proposals/book.toml | 10 ++++++++++ mdbook/spec/book.toml | 10 ++++++++++ 3 files changed, 22 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 06942af..ddd399d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -17,7 +17,7 @@ build: script: - env - apt-get update && apt-get install -y git python3 python3-yaml - - ./bin/via-cargo-install-in-ci mdbook + - ./bin/via-cargo-install-in-ci mdbook mdbook-linkcheck - | if test "$MMDC" != "" ; then ./bin/mermaid-cli-in-ci @@ -46,7 +46,7 @@ link-check: - when: always script: - apt-get update && apt-get install -y git python3 python3-yaml linklint - - ./bin/via-cargo-install-in-ci mdbook + - ./bin/via-cargo-install-in-ci mdbook mdbook-linkcheck - ./bin/build_html - ./bin/check_links artifacts: diff --git a/mdbook/proposals/book.toml b/mdbook/proposals/book.toml index fdbe64a..8a6045b 100644 --- a/mdbook/proposals/book.toml +++ b/mdbook/proposals/book.toml @@ -19,6 +19,16 @@ theme = "../theme" # additional-js = ["theme/pagetoc.js"] no-section-label = true +[output.linkcheck] +warning-policy = "error" +# We effectively disable checking link destinations by excluding +# all links (`.*`). +# +# We're only using linkcheck to validate that reference-style links have *some* +# definition in the markdown, ensuring that *some* link will be generated. We +# validate that those links are correct using a separate tool (`bin/check_links`) +exclude = [ '.*' ] + [output.html.search] enable = false diff --git a/mdbook/spec/book.toml b/mdbook/spec/book.toml index b85e320..58dc503 100644 --- a/mdbook/spec/book.toml +++ b/mdbook/spec/book.toml @@ -25,3 +25,13 @@ theme = "../theme" "/tor-design.html" = "https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf" "/walking-onions.html" = "https://spec.torproject.org/proposals/323-walking-onions-full.html" # END AUTO-GENERATED REDIRECTS + +[output.linkcheck] +warning-policy = "error" +# We effectively disable checking link destinations by excluding +# all links (`.*`). +# +# We're only using linkcheck to validate that reference-style links have *some* +# definition in the markdown, ensuring that *some* link will be generated. We +# validate that those links are correct using a separate tool (`bin/check_links`) +exclude = [ '.*' ] -- cgit v1.2.3-54-g00ecf From 72722037eed69e1a05d204c62ed9629f5b571b85 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 18:23:30 -0600 Subject: Reorganize output Adding an additional output plugin to mdbook causes it to create an extra level of subdirectories in its build directory; one for each output plugin. We add an intermediate build directory `build`, and after building the individual mdbooks, construct the `html` directory with the desired layout. --- .gitignore | 5 ++++- bin/build_html | 26 ++++++++++++++------------ mdbook/proposals/book.toml | 2 +- mdbook/spec/book.toml | 2 +- 4 files changed, 20 insertions(+), 15 deletions(-) diff --git a/.gitignore b/.gitignore index 2f9bd0f..905198f 100644 --- a/.gitignore +++ b/.gitignore @@ -12,7 +12,10 @@ # OS X folder cruft .DS_Store -# mdbook outputs +# mdbook build dir +/build + +# generated html (reorganized from the build dir) /html # bin/check_links output diff --git a/bin/build_html b/bin/build_html index 26fd7d8..0a3d7f6 100755 --- a/bin/build_html +++ b/bin/build_html @@ -18,7 +18,7 @@ cd "${TOPLEVEL}" # and then make changes to that copy. # # When we are done with these changes, we will set some variables: -# - HTML_OUTPUT_DIR is "", or the location where we have put our output. +# - MDBOOK_OUTPUT_DIR is "", or the location where we have put our raw mdbook output. # - MDBOOK_DIR is the parent directory of the possibly modified copies # of mdbook/{spec,proposals}. @@ -36,7 +36,7 @@ if test -n "${MMDC:-}" || command -v "mmdc" >&/dev/null; then TMPDIR=$(mktemp -d "${TOPLEVEL}/tmp_mmdc.XXXXXXXX") trap 'rm -rf "$TMPDIR"' 0 ./bin/mermaid_cvt_svg "$TMPDIR" - HTML_OUTPUT_DIR="$TMPDIR/html" + MDBOOK_OUTPUT_DIR="$TMPDIR/build" MDBOOK_DIR="$TMPDIR/mdbook" elif test -n "${MDBOOK_MERMAID:-}" || command -v "mdbook-mermaid" >&/dev/null; then # CASE 2: mdbook_mermaid is installed. @@ -53,24 +53,26 @@ elif test -n "${MDBOOK_MERMAID:-}" || command -v "mdbook-mermaid" >&/dev/null; t cp -r ./mdbook/proposals ./mdbook/spec ./mdbook/theme "$TMPDIR" mdbook-mermaid install "$TMPDIR/spec" mdbook-mermaid install "$TMPDIR/proposals" - HTML_OUTPUT_DIR="" + MDBOOK_OUTPUT_DIR="" MDBOOK_DIR="$TMPDIR" else # CASE 3: No mermaid support. # # In this case we run mdbook on our inputs unchanged. # The mermaid blocks will render as code. - HTML_OUTPUT_DIR="" + MDBOOK_OUTPUT_DIR="" MDBOOK_DIR="$TOPLEVEL/mdbook" fi -cd "${MDBOOK_DIR}/spec" -$MDBOOK build +$MDBOOK build "${MDBOOK_DIR}/spec" +$MDBOOK build "${MDBOOK_DIR}/proposals" -cd "${MDBOOK_DIR}/proposals" -$MDBOOK build - -if test -n "${HTML_OUTPUT_DIR}"; then - rm -rf "${TOPLEVEL}/html" - mv "${HTML_OUTPUT_DIR}" "${TOPLEVEL}/html" +if test -n "${MDBOOK_OUTPUT_DIR}"; then + rm -rf "${TOPLEVEL}/build" + mv "${MDBOOK_OUTPUT_DIR}" "${TOPLEVEL}/build" fi + +rm -rf "${TOPLEVEL}/html/" +cp -r "${TOPLEVEL}/build/spec/html/" "${TOPLEVEL}" +cp -r "${TOPLEVEL}/build/proposals/html/" "${TOPLEVEL}/html/proposals/" + diff --git a/mdbook/proposals/book.toml b/mdbook/proposals/book.toml index 8a6045b..e466b1b 100644 --- a/mdbook/proposals/book.toml +++ b/mdbook/proposals/book.toml @@ -7,7 +7,7 @@ title = "Tor design proposals" use-default-preprocessors = false [build] -build-dir = "../../html/proposals" +build-dir = "../../build/proposals" [preprocessor.links] diff --git a/mdbook/spec/book.toml b/mdbook/spec/book.toml index 58dc503..16668c9 100644 --- a/mdbook/spec/book.toml +++ b/mdbook/spec/book.toml @@ -6,7 +6,7 @@ src = "../../spec" title = "Tor Specifications" [build] -build-dir = "../../html" +build-dir = "../../build/spec" [preprocessor] -- cgit v1.2.3-54-g00ecf From b74a68361735b4a7c60ed395f417d22914986ae2 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 11:05:05 -0600 Subject: Escape brackets that aren't meant to be reference-links --- proposals/332-ntor-v3-with-extra-data.md | 4 +-- proposals/339-udp-over-tor.md | 2 +- spec/guard-spec/algorithm.md | 4 +-- spec/rend-spec/introduction-protocol.md | 4 +-- spec/tor-spec/create-created-cells.md | 16 +++++------ spec/tor-spec/negotiating-channels.md | 48 ++++++++++++++++---------------- spec/tor-spec/routing-relay-cells.md | 2 +- spec/tor-spec/subprotocol-versioning.md | 6 ++-- 8 files changed, 43 insertions(+), 43 deletions(-) diff --git a/proposals/332-ntor-v3-with-extra-data.md b/proposals/332-ntor-v3-with-extra-data.md index 58a3bf3..10f0dd4 100644 --- a/proposals/332-ntor-v3-with-extra-data.md +++ b/proposals/332-ntor-v3-with-extra-data.md @@ -47,7 +47,7 @@ The client knows: * An optional "verification" string. The relay knows: - * A set of [(b,B)...] "onion key" keypairs. One of them is + * A set of \[(b,B)...\] "onion key" keypairs. One of them is "current", the others are outdated, but still valid. * ID: Its own identity. * A function for computing a server message SM, based on a given @@ -398,7 +398,7 @@ client sends a message, with type `CIRCWINDOW_INC`, containing a two-byte integer equal to `circwindow_inc_dflt`. The relay rejects the message if the value given is outside of the -[`circwindow_inc_min`, `circwindow_inc_max`] range. Otherwise, it +\[`circwindow_inc_min`, `circwindow_inc_max`\] range. Otherwise, it accepts it, and replies with the same message that the client sent. # X.2: Test vectors diff --git a/proposals/339-udp-over-tor.md b/proposals/339-udp-over-tor.md index 5993bdc..12de0c6 100644 --- a/proposals/339-udp-over-tor.md +++ b/proposals/339-udp-over-tor.md @@ -264,7 +264,7 @@ I'd suggest we do it. 1. We would add a new "`FLAG_UNCONNECTED`" flag for `CONNECT_UDP` messages. -2. We would designate the ANY addresses 0.0.0.0:0 and [::]:0 as permitted in +2. We would designate the ANY addresses 0.0.0.0:0 and \[::\]:0 as permitted in `CONNECT_UDP` messages, and as indicating unconnected sockets. These would be only permitted along with the `FLAG_UNCONNECTED` flag, and not permitted otherwise. diff --git a/spec/guard-spec/algorithm.md b/spec/guard-spec/algorithm.md index 1db72f5..ba1c725 100644 --- a/spec/guard-spec/algorithm.md +++ b/spec/guard-spec/algorithm.md @@ -407,11 +407,11 @@ When we want to build a circuit, and we need to pick a guard: When selecting a guard according to this approach, its circuit is ``. - [Note: We do not use {is_pending} on primary guards, since we + \[Note: We do not use {is_pending} on primary guards, since we are willing to try to build multiple circuits through them before we know for sure whether they work, and since we will not use any non-primary guards until we are sure that the - primary guards are all down. (XX is this good?)] + primary guards are all down. (XX is this good?)\] * Otherwise, if the ordered intersection of {CONFIRMED_GUARDS} and {USABLE_FILTERED_GUARDS} is nonempty, return the first diff --git a/spec/rend-spec/introduction-protocol.md b/spec/rend-spec/introduction-protocol.md index 98e71a2..f23a6a1 100644 --- a/spec/rend-spec/introduction-protocol.md +++ b/spec/rend-spec/introduction-protocol.md @@ -487,14 +487,14 @@ prop327. If the service requires the PROOF_OF_WORK extension but received an INTRODUCE1 cell without any embedded proof-of-work, the service SHOULD consider this cell as a zero-effort introduction for the purposes of the priority queue (see -section [INTRO_QUEUE] of prop327). +section \[INTRO_QUEUE\] of prop327). (TODO: We should have a proof-of-work.md to fold in prop327. For now, just point to the proposal.) #### Subprotocol Request -[RESERVED] +\[RESERVED\] EXT_FIELD_TYPE: diff --git a/spec/tor-spec/create-created-cells.md b/spec/tor-spec/create-created-cells.md index 965cad1..b5cf224 100644 --- a/spec/tor-spec/create-created-cells.md +++ b/spec/tor-spec/create-created-cells.md @@ -141,10 +141,10 @@ connect to it. Recognized specifiers are: | Value | Description | ----- | ----------- -| [00] | TLS-over-TCP, IPv4 address. A four-byte IPv4 address plus two-byte ORPort. -| [01] | TLS-over-TCP, IPv6 address. A sixteen-byte IPv6 address plus two-byte ORPort. -| [02] | Legacy identity. A 20-byte SHA1 identity fingerprint. At most one may be listed. -| [03] | Ed25519 identity. A 32-byte Ed25519 identity fingerprint. At most one may be listed. +| \[00\] | TLS-over-TCP, IPv4 address. A four-byte IPv4 address plus two-byte ORPort. +| \[01\] | TLS-over-TCP, IPv6 address. A sixteen-byte IPv6 address plus two-byte ORPort. +| \[02\] | Legacy identity. A 20-byte SHA1 identity fingerprint. At most one may be listed. +| \[03\] | Ed25519 identity. A 32-byte Ed25519 identity fingerprint. At most one may be listed. Nodes MUST ignore unrecognized specifiers, and MUST accept multiple instances of specifiers other than 'legacy identity' and @@ -336,7 +336,7 @@ The server's handshake reply is: | `SERVER_KP` | `Y` | `G_LENGTH` bytes | `AUTH` | `H(auth_input, t_mac)` | `H_LENGTH` bytes -The client then checks `Y` is in G* [see NOTE below], and computes +The client then checks `Y` is in G* \[see NOTE below\], and computes ```text secret_input = EXP(Y,x) | EXP(B,x) | ID | B | X | Y | PROTOID @@ -601,13 +601,13 @@ they may be overridden in the description of individual extensions.) Currently supported extensions are: - * 1 -- `CC_FIELD_REQUEST` [Client to server] + * 1 -- `CC_FIELD_REQUEST` \[Client to server\] Contains an empty payload. Signifies that the client wants to use the extended congestion control described in proposal 324. - * 2 -- `CC_FIELD_RESPONSE` [Server to client] + * 2 -- `CC_FIELD_RESPONSE` \[Server to client\] Indicates that the relay will use the congestion control of proposal 324, as requested by the client. One byte @@ -615,7 +615,7 @@ Currently supported extensions are: `sendme_inc [1 byte]` - * 3 -- Subprotocol Request [Client to Server] + * 3 -- Subprotocol Request \[Client to Server\] (RESERVED) Tells the endpoint what protocol version to use on the circuit (prop346). diff --git a/spec/tor-spec/negotiating-channels.md b/spec/tor-spec/negotiating-channels.md index 1184fd8..1ab3721 100644 --- a/spec/tor-spec/negotiating-channels.md +++ b/spec/tor-spec/negotiating-channels.md @@ -321,34 +321,34 @@ cell, and authenticated the responder. If AuthType is 1 (meaning "RSA-SHA256-TLSSecret"), then the Authentication field of the AUTHENTICATE cell contains the following: -* TYPE: The characters "AUTH0001" [8 octets] -* CID: A SHA256 hash of the initiator's RSA1024 identity key [32 octets] -* SID: A SHA256 hash of the responder's RSA1024 identity key [32 octets] +* TYPE: The characters "AUTH0001" \[8 octets\] +* CID: A SHA256 hash of the initiator's RSA1024 identity key \[32 octets\] +* SID: A SHA256 hash of the responder's RSA1024 identity key \[32 octets\] * SLOG: A SHA256 hash of all bytes sent from the responder to the initiator as part of the negotiation up to and including the AUTH_CHALLENGE cell; that is, the VERSIONS cell, the CERTS cell, - the AUTH_CHALLENGE cell, and any padding cells. [32 octets] + the AUTH_CHALLENGE cell, and any padding cells. \[32 octets\] * CLOG: A SHA256 hash of all bytes sent from the initiator to the responder as part of the negotiation so far; that is, the - VERSIONS cell and the CERTS cell and any padding cells. [32 - octets] -* SCERT: A SHA256 hash of the responder's TLS link certificate. [32 - octets] + VERSIONS cell and the CERTS cell and any padding cells. \[32 + octets\] +* SCERT: A SHA256 hash of the responder's TLS link certificate. \[32 + octets\] * TLSSECRETS: A SHA256 HMAC, using the TLS master secret as the secret key, of the following: - client_random, as sent in the TLS Client Hello - server_random, as sent in the TLS Server Hello - the NUL terminated ASCII string: "Tor V3 handshake TLS cross-certification" - [32 octets] + \[32 octets\] * RAND: A 24 byte value, randomly chosen by the initiator. (In an imitation of SSL3's gmt_unix_time field, older versions of Tor sent an 8-byte timestamp as the first 8 bytes of this field; - new implementations should not do that.) [24 octets] + new implementations should not do that.) \[24 octets\] * SIG: A signature of a SHA256 hash of all the previous fields using the initiator's "Authenticate" key as presented. (As always in Tor, we use OAEP-MGF1 padding; see [Ciphers](./preliminaries.md#ciphers)) - [variable length] + \[variable length\] To check the AUTHENTICATE cell, a responder checks that all fields from TYPE through TLSSECRETS contain their unique @@ -370,31 +370,31 @@ Authentication field of the AuthType cell is as below: Modified values and new fields below are marked with asterisks. -* TYPE: The characters "AUTH0003" [8 octets] -* CID: A SHA256 hash of the initiator's RSA1024 identity key [32 octets] -* SID: A SHA256 hash of the responder's RSA1024 identity key [32 octets] -* CID_ED: The initiator's Ed25519 identity key [32 octets] -* SID_ED: The responder's Ed25519 identity key, or all-zero. [32 octets] +* TYPE: The characters "AUTH0003" \[8 octets\] +* CID: A SHA256 hash of the initiator's RSA1024 identity key \[32 octets\] +* SID: A SHA256 hash of the responder's RSA1024 identity key \[32 octets\] +* CID_ED: The initiator's Ed25519 identity key \[32 octets\] +* SID_ED: The responder's Ed25519 identity key, or all-zero. \[32 octets\] * SLOG: A SHA256 hash of all bytes sent from the responder to the initiator as part of the negotiation up to and including the AUTH_CHALLENGE cell; that is, the VERSIONS cell, the CERTS cell, - the AUTH_CHALLENGE cell, and any padding cells. [32 octets] + the AUTH_CHALLENGE cell, and any padding cells. \[32 octets\] * CLOG: A SHA256 hash of all bytes sent from the initiator to the responder as part of the negotiation so far; that is, the - VERSIONS cell and the CERTS cell and any padding cells. [32 - octets] -* SCERT: A SHA256 hash of the responder's TLS link certificate. [32 - octets] + VERSIONS cell and the CERTS cell and any padding cells. \[32 + octets\] +* SCERT: A SHA256 hash of the responder's TLS link certificate. \[32 + octets\] * TLSSECRETS: The output of an RFC5705 Exporter function on the TLS session, using as its inputs: - The label string "EXPORTER FOR TOR TLS CLIENT BINDING AUTH0003" - The context value equal to the initiator's Ed25519 identity key. - The length 32. - [32 octets] -* RAND: A 24 byte value, randomly chosen by the initiator. [24 octets] + \[32 octets\] +* RAND: A 24 byte value, randomly chosen by the initiator. \[24 octets\] * SIG: A signature of all previous fields using the initiator's Ed25519 authentication key (as in the cert with CertType 6). - [variable length] + \[variable length\] To check the AUTHENTICATE cell, a responder checks that all fields from TYPE through TLSSECRETS contain their unique diff --git a/spec/tor-spec/routing-relay-cells.md b/spec/tor-spec/routing-relay-cells.md index 15a5f20..abe9828 100644 --- a/spec/tor-spec/routing-relay-cells.md +++ b/spec/tor-spec/routing-relay-cells.md @@ -93,4 +93,4 @@ OP receives relay cell from node 1: Stop and process the payload. ``` -[1]: ["Relay cells"](./relay-cells.md#relay-cells) +\[1\]: ["Relay cells"](./relay-cells.md#relay-cells) diff --git a/spec/tor-spec/subprotocol-versioning.md b/spec/tor-spec/subprotocol-versioning.md index 780a337..82b25c4 100644 --- a/spec/tor-spec/subprotocol-versioning.md +++ b/spec/tor-spec/subprotocol-versioning.md @@ -162,7 +162,7 @@ Current versions are as follows. 0.4.7.3-alpha. This adds a new CREATE2 cell type. See proposal 332 and [The "ntor-v3" handshake](./create-created-cells.md#ntor-v3) for more details. - * "5" -- [RESERVED] support the ntorv3 subprotocol request extension (prop346) + * "5" -- \[RESERVED\] support the ntorv3 subprotocol request extension (prop346) allowing a client to request what features to be used on a circuit. @@ -266,7 +266,7 @@ These correspond more or less with consensus methods. Describes the padding capabilities of the relay. - * "1" -- [DEFUNCT] Relay supports circuit-level padding. This version MUST NOT + * "1" -- \[DEFUNCT\] Relay supports circuit-level padding. This version MUST NOT be used as it was also enabled in relays that don't actually support circuit-level padding. Advertised by Tor versions from tor-0.4.0.1-alpha and only up to and including tor-0.4.1.4-rc. @@ -303,6 +303,6 @@ in order to split traffic across multiple paths. Describes the UDP protocol capabilities of a relay. - * "1" -- [RESERVED] supports UDP by an Exit as in the relay command + * "1" -- \[RESERVED\] supports UDP by an Exit as in the relay command CONNECT_UDP, CONNECTED_UDP and DATAGRAM. See proposal 339 for more details. (Not yet advertised, reserved) -- cgit v1.2.3-54-g00ecf From 865a95d684f22f05a0b28f5268b32ce27f17eb54 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 11:11:40 -0600 Subject: Add missing link --- spec/back-matter.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/spec/back-matter.md b/spec/back-matter.md index 6a50633..a0dc862 100644 --- a/spec/back-matter.md +++ b/spec/back-matter.md @@ -55,7 +55,9 @@ see the ## Editing advice -To edit these specs, clone the [git repository] and edit the +To edit these specs, clone the +[git repository](https://gitlab.torproject.org/tpo/core/torspec/) +and edit the appropriate file in the [`spec` directory]. These files will match the URLs of their corresponding pages, so if you want to edit [`tor-spec/flow-control.html`], -- cgit v1.2.3-54-g00ecf From 16b82bed5a8b1f520bad8e3aa69e25e69809d1fe Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 11:11:47 -0600 Subject: Remove unnecessary brackets --- spec/STYLE.md | 2 +- spec/back-matter.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/STYLE.md b/spec/STYLE.md index 102b786..74388c3 100644 --- a/spec/STYLE.md +++ b/spec/STYLE.md @@ -133,7 +133,7 @@ for more information about how.) If you want to link to a specific section within a file, make sure that the section has a defined anchor that makes sense. -The syntax to define [heading ids] in mdbook looks like this: +The syntax to define heading ids in mdbook looks like this: `## Heading with a long title that you want shorter name for { #shortname }` diff --git a/spec/back-matter.md b/spec/back-matter.md index a0dc862..90ddea2 100644 --- a/spec/back-matter.md +++ b/spec/back-matter.md @@ -58,11 +58,11 @@ see the To edit these specs, clone the [git repository](https://gitlab.torproject.org/tpo/core/torspec/) and edit the -appropriate file in the [`spec` directory]. These files will match +appropriate file in the `spec` directory. These files will match the URLs of their corresponding pages, so if you want to edit -[`tor-spec/flow-control.html`], +`tor-spec/flow-control.html`, you'll be looking for a file -called [`spec/tor-spec/flow-control.md`]. +called `spec/tor-spec/flow-control.md`. We have started a [style guide](./STYLE.md) for writing new parts of this spec; as of 2023 it is quite preliminary. You should feel free to -- cgit v1.2.3-54-g00ecf From e90476582fd60a3af9c95b55ebfa1f97d514c504 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 11:14:42 -0600 Subject: Add missing code block (was missing 1 space of indent) --- proposals/340-packed-and-fragmented.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/proposals/340-packed-and-fragmented.md b/proposals/340-packed-and-fragmented.md index 82adb8e..6c27fcd 100644 --- a/proposals/340-packed-and-fragmented.md +++ b/proposals/340-packed-and-fragmented.md @@ -51,9 +51,11 @@ formats going on at the same time. The new format for a decrypted relay _cell_ will be: - recognized [2 bytes] - digest [14 bytes] - body [509 - 16 = 493 bytes] +```text +recognized [2 bytes] +digest [14 bytes] +body [509 - 16 = 493 bytes] +``` The `recognized` and `digest` fields are computed as before; the only difference is that they occur _before_ the rest of the cell, and that `digest` -- cgit v1.2.3-54-g00ecf From 670a088a7457e0560b815aba3372e6e9a0c7f493 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 11:20:50 -0600 Subject: prop 331: Escape brackets and add and fix links --- proposals/331-res-tokens-for-anti-dos.md | 53 ++++++++++++++++---------------- 1 file changed, 27 insertions(+), 26 deletions(-) diff --git a/proposals/331-res-tokens-for-anti-dos.md b/proposals/331-res-tokens-for-anti-dos.md index a7293e8..448ebe4 100644 --- a/proposals/331-res-tokens-for-anti-dos.md +++ b/proposals/331-res-tokens-for-anti-dos.md @@ -56,20 +56,20 @@ Status: Draft from various types of Token Issuers and then redeem them at the onion service to gain access even when under DoS conditions. - In section [TOKEN_DESIGN], we list our requirements from an anonymous + In section [TOKEN_DESIGN](#token-design), we list our requirements from an anonymous credential scheme and provide a high-level overview of how the Res token scheme works. - In section [PROTOCOL_SPEC], we specify the token issuance and redemption protocols, + In section [PROTOCOL_SPEC](#protocol-spec), we specify the token issuance and redemption protocols, as well as the mathematical operations that need to be conducted for these to work. - In section [TOKEN_ISSUERS], we provide a few examples and guidelines for + In section [TOKEN_ISSUERS](#token-issuers), we provide a few examples and guidelines for various token issuer services that could exist. - In section [DISCUSSION], we provide more use cases for Res tokens as well as + In section [DISCUSSION](#discussion), we provide more use cases for Res tokens as well as future improvements we can conduct to the scheme. -# 3. Design [TOKEN_DESIGN] +# 3. Design \[TOKEN_DESIGN\] {#token-design} In this section we will go over the high-level design of the system, and in the next section we will delve into the lower-level details of the protocol. @@ -109,13 +109,13 @@ Status: Draft - Quick Verification: Onions are already experiencing resource starvation because of the DoS attacks so it's important that the process of - verifying a token should be as quick as possible. In section [TOKEN_PERF] + verifying a token should be as quick as possible. In section [TOKEN_PERF](#token-perf) we will go deeper into this requirement. After careful consideration of the above requirements, we have leaned towards using Blind RSA as the primitive for our tokens, since it's the fastest - scheme by far that also allows public verifiability. See also Appendix B - [BLIND_RSA_PROOF] for a security proof sketch of Blind RSA perfect unlinkability. + scheme by far that also allows public verifiability. See also [Appendix A](#blind-rsa-proof) + for a security proof sketch of Blind RSA perfect unlinkability. ## 3.3. Other security considerations @@ -128,7 +128,7 @@ Status: Draft - Metadata: We want to encode metadata/attributes in the tokens. In particular, we want to encode the destination onion service and an - expiration date. For more information see section [DEST_DIGEST]. For + expiration date. For more information see section [DEST_DIGEST](#dest-digest). For blind RSA tokens this is usually done using "partially blind signatures" but to keep it simple we instead encode the destination directly in the message to be blind-signed and the expiration date using a set of @@ -162,9 +162,9 @@ Status: Draft an adversary breaks an issuance key, she will be able to forge tokens for just a few hours before that key expires. - For more ideas on future schemes and improvements see section [FUTURE_RES]. + For more ideas on future schemes and improvements see section [FUTURE_RES](#future-res). -## 3.5. Token performance requirements [TOKEN_PERF] +## 3.5. Token performance requirements \[TOKEN_PERF\] {#token-perf} As discussed above, verification performance is extremely important in the anti-DoS use case. In this section we provide some concrete numbers on what @@ -188,14 +188,14 @@ Status: Draft For this reason we implemented a basic version of the Res token scheme in Rust and benchmarked the verification and issuance procedure [REF_RES_BENCH]. - We measured that the verification procedure from section [RES_VERIFY] takes + We measured that the verification procedure from section [RES_VERIFY](#res-verify) takes about 0.104 ms, which we believe is a reasonable verification overhead for the purposes of this proposal. - We also measured that the issuance procedure from [RES_ISSUANCE] takes about + We also measured that the issuance procedure from [RES_ISSUANCE](#res-issuance) takes about 0.614 ms. -# 4. Specification [PROTOCOL_SPEC] +# 4. Specification \[PROTOCOL_SPEC\] {#protocol-spec} +--------------+ +------------------+ | Token Issuer | | Onion Service | @@ -270,7 +270,7 @@ Status: Draft onion service in its token store. If not, it needs to acquire some and hence the token issuance protocol commences. -### 4.3.1. Client preparation [DEST_DIGEST] +### 4.3.1. Client preparation \[DEST_DIGEST\] {#dest-digest} Alice first chooses an issuer supported by the onion service depending on her preferences by looking at the consensus and her Tor configuration file for @@ -289,7 +289,7 @@ Status: Draft - 'destination' is the 32-byte ed25519 public identity key of the destination onion - 'salt' is a random 32-byte value, - 3) Alice samples a blinding factor 'r' uniformly at random from [1, N) + 3) Alice samples a blinding factor 'r' uniformly at random from \[1, N) 4) Alice computes: blinded_message = dest_digest * r^e (mod N) @@ -301,7 +301,7 @@ Status: Draft XXX Is the salt needed? Reevaluate. -### 4.3.3. Token Issuance [RES_ISSUANCE] +### 4.3.3. Token Issuance \[RES_ISSUANCE\] {#res-issuance} Alice now initiates contact with the Token Issuer and spends the resources required to get issued a token (e.g. solve a CAPTCHA or a PoW, create an @@ -348,8 +348,9 @@ Status: Draft onion service. To do so, Alice adds an extension to the encrypted portion of the INTRODUCE1 - cell by using the EXTENSIONS field (see [PROCESS_INTRO2] section in - rend-spec-v3.txt). The encrypted portion of the INTRODUCE1 cell only gets + cell by using the EXTENSIONS field (see [PROCESS_INTRO2 section in + rend-spec-v3.txt](../rend-spec/introduction-protocol.md#PROCESS_INTRO2)). + The encrypted portion of the INTRODUCE1 cell only gets read by the onion service and is ignored by the introduction point. We propose a new EXT_FIELD_TYPE value: @@ -365,7 +366,7 @@ Status: Draft SALT [32 bytes] where: - - TOKEN_VERSION is the version of the token ([0x01] for Res tokens) + - TOKEN_VERSION is the version of the token (\[0x01\] for Res tokens) - ISSUER_KEY is the public key of the chosen issuer (truncated to 4 bytes) - DEST_DIGEST is the 'dest_digest' from above - TOKEN is the 'token' from above @@ -381,7 +382,7 @@ Status: Draft XXX maybe with a bit of tweaking we can even use a 1536-bit RSA signature here... -### 4.4.2. Onion service verifies token [RES_VERIFY] +### 4.4.2. Onion service verifies token \[RES_VERIFY\] {#res-verify} Upon receiving an INTRODUCE1 cell with the above extension the service verifies the token. It does so as follows: @@ -408,7 +409,7 @@ Status: Draft considers the token valid and the rest of the onion service protocol carries out as normal. -# 5. Token issuers [TOKEN_ISSUERS] +# 5. Token issuers \[TOKEN_ISSUERS\]{#token-issuers} In this section we go over some example token issuers. While we can have official token issuers that are supported by the Tor directory authorities, @@ -472,7 +473,7 @@ Status: Draft one-show, so the onion service cannot provide a single token that will work for multiple "logins". In the future we can design multi-show credential systems that also have revocation to further facilitate this use case (see - [FUTURE_RES] for more info). + [FUTURE_RES](#future-res) for more info). # 6. User Experience @@ -506,7 +507,7 @@ Status: Draft XXX Actually analyze the above if we think there is merit to listing them -# 8. Discussion [DISCUSSION] +# 8. Discussion \[DISCUSSION\] {#discussion} ## 8.1. Using Res tokens on Exit relays @@ -525,7 +526,7 @@ Status: Draft websites and web services on the public Internet. We hope that this way we will see less websites blocking Tor. -## 8.2. Future improvements to this proposal [FUTURE_RES] +## 8.2. Future improvements to this proposal \[FUTURE_RES\] {#future-res} The Res token scheme is a pragmatic scheme that works for the space/time constraints of this use case but it's far from ideal for the greater future @@ -579,7 +580,7 @@ Status: Draft --- -# Appendix A: RSA Blinding Security Proof [BLIND_RSA_PROOF] +# Appendix A: RSA Blinding Security Proof \[BLIND_RSA_PROOF\] {#blind-rsa-proof} This proof sketch was provided by Michele Orrù: -- cgit v1.2.3-54-g00ecf From d9b958e1a7ff5814b48f5a2d3f417233e8e3d079 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 12:47:25 -0600 Subject: Escape brackets --- proposals/316-flashflow.md | 48 +++++++++---------- proposals/323-walking-onions-full.md | 39 +++++++++------- proposals/325-packed-relay-cells.md | 56 +++++++++++++---------- proposals/326-tor-relay-well-known-uri-rfc8615.md | 6 +-- proposals/328-relay-overload-report.md | 10 ++-- 5 files changed, 88 insertions(+), 71 deletions(-) diff --git a/proposals/316-flashflow.md b/proposals/316-flashflow.md index 8258d76..44ebe5c 100644 --- a/proposals/316-flashflow.md +++ b/proposals/316-flashflow.md @@ -56,7 +56,7 @@ time while Torflow takes days/weeks to assign them their full fair share of bandwidth (especially for non-exits). FlashFlow is more secure than Torflow: FlashFlow allows a relay to inflate its measured capacity by up to 1.33x (configured by a parameter) while Torflow allows weight -inflation by a factor of 89x [0] or even 177x [1]. +inflation by a factor of 89x \[0\] or even 177x \[1\]. After an overview in section 2 of the planned deployment stages, section 3, 4, and 5 discuss the short, medium, and long term deployment plans in @@ -133,7 +133,7 @@ allow itself to be measured more than twice by a FlashFlow deployment in any time window of this length. Relays should not change this option unless they really know what they're doing. Changing it at the relay will not change how often FlashFlow will attempt to measure the relay. -Possible values are in the range [1 hour, 1 month] inclusive. Default: 1 +Possible values are in the range \[1 hour, 1 month\] inclusive. Default: 1 day. FFBackgroundTrafficPercent: The maximum amount of regular @@ -142,7 +142,7 @@ percent of total traffic (measurement + non-measurement). This parameter is a trade off between having to limit background traffic and limiting how much a relay can inflate its result by handling no background traffic but reporting that it has done so. Possible values -are in the range [0, 99] inclusive. Default: 25 (a maximum inflation +are in the range \[0, 99`] inclusive. Default: 25 (a maximum inflation factor of 1.33). FFMaxMeasurementDuration: The maximum amount of time, in seconds, that @@ -151,7 +151,7 @@ measurement will begin soon and the end of the measurement. If this amount of time passes, the relay shall close all measurement connections and exit its measurement mode. Note this duration includes handshake time, thus it necessarily is larger than the expected actual measurement -duration. Possible values are in the range [10, 120] inclusive. +duration. Possible values are in the range \[10, 120\] inclusive. Default: 45. ### 3.1.2 New Cell Types @@ -219,7 +219,7 @@ error to the coordinator and considers the measurement a failure. It is also a failure if any measurer is unable to open at least half of its circuits with the target. -The payload of MEAS_PARAMS cells [XXX more may need to be added]: +The payload of MEAS_PARAMS cells \[XXX more may need to be added\]: ``` - meas_duration [2 bytes] [1, 600] @@ -231,10 +231,10 @@ meas_duration is the duration, in seconds, that the actual measurement will last. num_measurers is how many link_specifier structs follow containing information on the measurers that the relay should expect. Future versions of FlashFlow and MEAS_PARAMS will use TLS certificates instead of IP addresses. -[XXX probably need diff layout to allow upgrade to TLS certs instead of +\[XXX probably need diff layout to allow upgrade to TLS certs instead of link_specifier structs. probably using ext-type-length-value like teor -suggests] -[XXX want to specify number of conns to expect from each measurer here?] +suggests\] +\[XXX want to specify number of conns to expect from each measurer here?\] MEAS_PARAMS_OK has no payload: it's just padding bytes to make the cell PAYLOAD_LEN (509) bytes long. @@ -245,7 +245,7 @@ The payload of MEAS_ECHO cells: - arbitrary bytes [PAYLOAD_LEN bytes] ``` -The payload of MEAS_BG cells [XXX more for extra info? like CPU usage]: +The payload of MEAS_BG cells \[XXX more for extra info? like CPU usage\]: ``` - second [2 byte] [1, 600] @@ -260,7 +260,7 @@ subsequent cell will increment it by one. sent_bg_bytes is the number of background traffic bytes sent in the last second (since the last MEAS_BG cell). recv_bg_bytes is the same but for received bytes. -The payload of MEAS_ERR cells [XXX need field for more info]: +The payload of MEAS_ERR cells \[XXX need field for more info\]: ``` - err_code [1 byte] [0, 255] @@ -302,8 +302,8 @@ If x is very small, the relay will perform the calculation s.t. x is the number of cells required to produce 10 Mbit/s of measurement traffic, thus ensuring some minimum amount of background traffic is allowed. -[XXX teor suggests in [4] that the number 10 Mbit/s could be derived more -intelligently. E.g. based on AuthDirFastGuarantee or AuthDirGuardBWGuarantee] +\[XXX teor suggests in \[4\] that the number 10 Mbit/s could be derived more +intelligently. E.g. based on AuthDirFastGuarantee or AuthDirGuardBWGuarantee\] ## 3.2 FlashFlow Components @@ -473,11 +473,11 @@ v3bw.2020-03-01-04-00-00 v3bw.2020-03-01-05-00-00 ``` -[XXX Either FF should auto-delete old ones, logrotate config should be +\[XXX Either FF should auto-delete old ones, logrotate config should be provided, a script provided, or something to help bwauths not accidentally -fill up their disk] +fill up their disk\] -[XXX What's the approxmiate disk usage for, say, a few years of these?] +\[XXX What's the approxmiate disk usage for, say, a few years of these?\] ### 3.2.2 FlashFlow Measurer @@ -532,7 +532,7 @@ report more than ~33 Mbit/s, FlashFlow limits it to just ~33 Mbit/s.) With r=25%, FlashFlow only allows 1.33x weight inflation. Prior work shows that Torflow allows weight inflation by a factor of 89x -[0] or even 177x [1]. +\[0\] or even 177x \[1\]. The ratio chosen is a trade-off between impact on background traffic and security: r=50% allows a relay to double its weight but won't impact @@ -578,7 +578,7 @@ supports it. New link- and relay-subprotocol versions will be used by the relay to indicate FF support. E.g. at the time of writing, the next relay subprotocol version is -4 [3]. +4 \[3\]. We plan to host a FlashFlow deployment consisting of a FF coordinator and a single FF measurer on a single 1 Gbit/s machine. Data produced by @@ -652,7 +652,7 @@ The following is quoted from Section 4.3 of the FlashFlow paper. ensures that old relays will continue to be measured, with new relays given secondary priority in the order they arrive. -[XXX Teor leaves good ideas in his tor-dev@ post [5], +\[XXX Teor leaves good ideas in his tor-dev@ post \[5\], including a good plain language description of what the FF paper quotes says, and a recommendation on which consensus to use when making a new schedule] @@ -665,7 +665,7 @@ time. What specifically to do here is left for medium/long term work. ## 5.3 Experiments - [XXX todo] +\[XXX todo\] ## 5.4 Other Changes/Investigations/Ideas @@ -694,12 +694,13 @@ time. What specifically to do here is left for medium/long term work. background traffic. - What to do about co-located relays. Can they be detected reliably? Should we just add a torrc option a la MyFamily for co-located relays? -- What is the explanation for dennis.jackson's scary graphs in this [2] +- What is the explanation for dennis.jackson's scary graphs in this \[2\] ticket? Was it because of the speed test? Why? Will FlashFlow produce the same behavior? # Citations +```text [0] F. Thill. Hidden Service Tracking Detection and Bandwidth Cheating in Tor Anonymity Network. Master’s thesis, Univ. Luxembourg, 2014. https://www.cryptolux.org/images/b/bc/Tor_Issues_Thesis_Thill_Fabrice.pdf @@ -716,6 +717,7 @@ time. What specifically to do here is left for medium/long term work. https://lists.torproject.org/pipermail/tor-dev/2020-April/014251.html [5] Teor's first respose to FlashFlow proposal https://lists.torproject.org/pipermail/tor-dev/2020-April/014246.html +``` # Appendix A: Save CPU at measurer by not encrypting all MEAS_ECHO cells @@ -745,10 +747,10 @@ measurement. Consider bucket_size is 1000. For the moment ignore cell encryption. -We start at idx=0 and pick an idx in [0, 1000) to record, say 640. At -idx=640 we record the cell. At idx=1000 we choose a new idx in [1000, +We start at idx=0 and pick an idx in \[0, 1000) to record, say 640. At +idx=640 we record the cell. At idx=1000 we choose a new idx in \[1000, 2000) to record, say 1236. At idx=1236 we record the cell. At idx=2000 -we choose a new idx in [2000, 3000). Etc. +we choose a new idx in \[2000, 3000). Etc. There's 2000+ cells in flight and the measurer has recorded two items: diff --git a/proposals/323-walking-onions-full.md b/proposals/323-walking-onions-full.md index 86d57b2..192ae48 100644 --- a/proposals/323-walking-onions-full.md +++ b/proposals/323-walking-onions-full.md @@ -1572,9 +1572,9 @@ even, take the lower of the two center votes (the one at position N/2) if `BREAK_EVEN_LOW` is true. Otherwise, take the higher of the two center votes (the one at position N/2 + 1). -For example, the Median(…, even_low: True, type: "uint") of the votes -["String", 2, 111, 6] is 6. The Median(…, even_low: True, type: "uint") -of the votes ["String", 77, 9, 22, "String", 3] is 9. +For example, the `Median(…, even_low: True, type: "uint")` of the votes +`["String", 2, 111, 6]` is 6. The `Median(…, even_low: True, type: "uint")` +of the votes `["String", 77, 9, 22, "String", 3]` is 9. @@ -1681,7 +1681,7 @@ elements that appears in at least `MIN_COUNT` votes. (Note that the input votes may contain duplicate elements. These must be treated as if there were no duplicates: the vote -[1, 1, 1, 1] is the same as the vote [1]. Implementations may want +`[1, 1, 1, 1]` is the same as the vote `[1]`. Implementations may want to preprocess votes by discarding all but one instance of each member.) @@ -1827,10 +1827,12 @@ computed so far), and on the entirety of the set of votes. > our current behavior. Parameters: + `FIELDS` (one or more other locations in the vote) `RULE` (the rule used to combine values) -Encoding +Encoding: + ; This item is "derived from" some other field. DerivedItemOp = { op: "DerivedFrom", @@ -2646,7 +2648,7 @@ corresponding ENDIVERouterData. Because SNIPLocation objects are signed, they must be encoded as "canonical" cbor, according to section 3.9 of RFC 7049. -If R[idx] is {} (the empty map) for any given idx, then no SNIP will be +If `R[idx]` is `{}` (the empty map) for any given idx, then no SNIP will be generated for the SNIPRouterData at that routing index for this index group. @@ -2839,6 +2841,7 @@ The CREATE2, CREATED2, and EXTENDED2 cells change as follows: These extensions are defined by this proposal: +```text [01] -- `Partial_SNIPRouterData` -- Sent from an extending relay to a target relay. This extension holds one or more fields from the SNIPRouterData that the extending relay is using, @@ -2861,6 +2864,7 @@ These extensions are defined by this proposal: originator does not want a SNIP. Otherwise, the originator does want a SNIP containing the router and the specified index. Other values are unspecified. +``` By default, EXTENDED2 cells are sent with a SNIP iff the EXTENDED2 cell used a `snip_index_pos` link specifier, and CREATED2 cells are @@ -2923,14 +2927,14 @@ following main changes. So the client's message is now: - CLIENT_PK [32 bytes] + CLIENT_PK [32 bytes] And the relay's reply is now: - NODEID [32 bytes] - KEYID [32 bytes] - SERVER_PK [32 bytes] - AUTH [32 bytes] + NODEID [32 bytes] + KEYID [32 bytes] + SERVER_PK [32 bytes] + AUTH [32 bytes] otherwise, all fields are computed as described in tor-spec. @@ -3330,10 +3334,10 @@ relay cells.) > that the relay might not understand. To include the SNIP, the client places it in an extension in the -INTRODUCE cell. The onion key can now be omitted[*], along with +INTRODUCE cell. The onion key can now be omitted\[\*\], along with the link specifiers. -> [*] Technically, we use a zero-length onion key, with a new type +> \[\*\] Technically, we use a zero-length onion key, with a new type > "implicit in SNIP". To know whether the service can recognize this kind of cell, the @@ -3445,10 +3449,10 @@ between updating ENDIVEs under ideal circumstances. # Migrating to Walking Onions This proposal is a major change in the Tor network that will -eventually require the participation of all relays [*], and will make +eventually require the participation of all relays \[\*\], and will make clients who support it distinguishable from clients that don't. -> [*] Technically, the last relay in the path doesn't need support. +> \[\*\] Technically, the last relay in the path doesn't need support. To keep the compatibility issues under control, here is the order in which it should be deployed on the network. @@ -3903,6 +3907,7 @@ guards and/or exits depending on overall balance of resources on the network. Formula: + type: 'weighted', source: { type:'bw', require_flags: ['Valid'], 'bwfield' : ["RM", "mbw"] @@ -3978,10 +3983,10 @@ Formula: ## Appendix H: Choosing good clusters of exit policies With Walking Onions, we cannot easily support all the port -combinations [*] that we currently allow in the "policy summaries" +combinations \[\*\] that we currently allow in the "policy summaries" that we support in microdescriptors. -> [*] How many "short policy summaries" are there? The number would be +> \[\*\] How many "short policy summaries" are there? The number would be > 2^65535, except for the fact today's Tor doesn't permit exit policies to > get maximally long. diff --git a/proposals/325-packed-relay-cells.md b/proposals/325-packed-relay-cells.md index 7a88840..7d0ffca 100644 --- a/proposals/325-packed-relay-cells.md +++ b/proposals/325-packed-relay-cells.md @@ -57,23 +57,27 @@ concatenated one after another following this format of a relay cell. The first command is the same header format as a normal relay cell detailed in section 6.1 of tor-spec.txt - Relay Command [1 byte] - 'Recognized' [2 bytes] - StreamID [2 bytes] - Digest [4 bytes] - Length [2 bytes] - Data [Length bytes] - RELAY\_MESSAGE - Padding [up to end of cell] +```text +Relay Command [1 byte] +'Recognized' [2 bytes] +StreamID [2 bytes] +Digest [4 bytes] +Length [2 bytes] +Data [Length bytes] +RELAY\_MESSAGE +Padding [up to end of cell] +``` The `RELAY_MESSAGE` can be empty as in no bytes indicating no other messages or set to the following: - Relay Command [1 byte] - StreamID [2 bytes] - Length [2 bytes] - Data [Length bytes] - RELAY\_MESSAGE +```text +Relay Command [1 byte] +StreamID [2 bytes] +Length [2 bytes] +Data [Length bytes] +RELAY\_MESSAGE +``` Note that the Recognized and Digest field are not added to a second relay message, they are solely used for the whole relay cell thus how we @@ -123,10 +127,12 @@ with the default set to use a consensus parameter. The parameter is: - "relay-cell-packing" +```text +"relay-cell-packing" - Boolean: if 1, clients should send packed relay cells. - (Min: 0, Max 1, Default: 0) +Boolean: if 1, clients should send packed relay cells. +(Min: 0, Max 1, Default: 0) +``` To handle migration, first the parameter should be set to 0 and the configuration setting should be "auto". To test the feature, individual @@ -150,17 +156,21 @@ I propose a new relay message format, described here (with `ux` denoting an x-bit bitfield). This format is 2 bytes or 4 bytes, depending on its first bit. - struct relay_header { - u1 stream_id_included; // Is the stream_id included? - u6 relay_command; // as before - u9 relay_data_len; // as before - u8 optional_stream_id[]; // 0 bytes or two bytes. - } +```C +struct relay_header { + u1 stream_id_included; // Is the stream_id included? + u6 relay_command; // as before + u9 relay_data_len; // as before + u8 optional_stream_id[]; // 0 bytes or two bytes. +} +``` Alternatively, you can view the first three fields as a 16-bit value, computed as: - (stream_id_included<<15) | (relay_command << 9) | (relay_data_len). +```C +(stream_id_included<<15) | (relay_command << 9) | (relay_data_len). +``` If the `optional_stream_id` field is not present, then the default value for the `stream_id` is computed as follows. We use stream_id 0 diff --git a/proposals/326-tor-relay-well-known-uri-rfc8615.md b/proposals/326-tor-relay-well-known-uri-rfc8615.md index 075aa6d..8bc705a 100644 --- a/proposals/326-tor-relay-well-known-uri-rfc8615.md +++ b/proposals/326-tor-relay-well-known-uri-rfc8615.md @@ -38,7 +38,7 @@ The verification of listed Tor relay/bridge IDs only succeeds if the claim can b * Each line contains one relay fingerprint. * The file MUST NOT contain fingerprints of Tor bridges (or hashes of bridge fingerprints). For bridges see the file `hashed-bridge-rsa-fingerprint.txt`. * The file may contain comments (starting with #). -* Non-comment lines must be exactly 40 characters long and consist of the following characters [a-fA-F0-9]. +* Non-comment lines must be exactly 40 characters long and consist of the following characters `[a-fA-F0-9]`. * Fingerprints are not case-sensitive. * Each fingerprint MUST appear at most once. * The file MUST not be larger than one MByte. @@ -59,7 +59,7 @@ The RSA SHA1 relay fingerprint can be found in the file named "fingerprint" loca * This file is not relevant for bridges. * Each line contains one public ed25519 master key in its base64 encoded form. * The file may contain comments (starting with #). -* Non-comment lines must be exactly 43 characters long and consist of the following characters [a-zA-z0-9/+]. +* Non-comment lines must be exactly 43 characters long and consist of the following characters `[a-zA-z0-9/+]`. * Each key MUST appear at most once. * The file MUST not be larger than one MByte. * The content MUST be a media type of "text/plain". @@ -80,7 +80,7 @@ The base64 encoded ed25519 public master key can be found in the file named "fin * The file contains one or more SHA1 hashed Tor bridge SHA1 fingerprints operated by the entity in control of this website. * Each line contains one hashed bridge fingerprint. * The file may contain comments (starting with #). -* Non-comment lines must be exactly 40 characters long and consist of the following characters [a-fA-F0-9]. +* Non-comment lines must be exactly 40 characters long and consist of the following characters `[a-fA-F0-9]`. * Hashed fingerprints are not case-sensitive. * Each hashed fingerprint MUST appear at most once. * The file MUST not be larger than one MByte. diff --git a/proposals/328-relay-overload-report.md b/proposals/328-relay-overload-report.md index 5901b93..bdb4fec 100644 --- a/proposals/328-relay-overload-report.md +++ b/proposals/328-relay-overload-report.md @@ -41,16 +41,16 @@ state" which can be one or many of the following load metrics: - Any OOM invocation due to memory pressure - Any ntor onionskins are dropped - [Removed in tor-0.4.6.11 and 0.4.7.5-alpha] + \[Removed in tor-0.4.6.11 and 0.4.7.5-alpha\] - A certain ratio of ntor onionskins dropped. - [Added in tor-0.4.6.11 and 0.4.7.5-alpha] + \[Added in tor-0.4.6.11 and 0.4.7.5-alpha\] - TCP port exhaustion - DNS timeout reached (X% of timeouts over Y seconds). - [Removed in tor-0.4.7.3-alpha] + \[Removed in tor-0.4.7.3-alpha\] - CPU utilization of Tor's mainloop CPU core above 90% for 60 sec - [Never implemented] + \[Never implemented\] - Control port overload (too many messages queued) - [Never implemented] + \[Never implemented\] For DNS timeouts, the X and Y are consensus parameters (overload_dns_timeout_scale_percent and overload_dns_timeout_period_secs) -- cgit v1.2.3-54-g00ecf From fdbc49ff5774236f1fcea7c7f38af2ea517cb7b3 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 12:52:31 -0600 Subject: reindex: escape brackets in markdown output --- bin/reindex | 2 +- proposals/BY_INDEX.md | 504 ++++++++++++++++++++++++------------------------- proposals/BY_STATUS.md | 100 +++++----- 3 files changed, 303 insertions(+), 303 deletions(-) diff --git a/bin/reindex b/bin/reindex index 57ac403..24e76eb 100755 --- a/bin/reindex +++ b/bin/reindex @@ -151,7 +151,7 @@ def writeTextIndexFile(proposals): def formatMarkdownEntry(prop, withStatus=False): if withStatus: - fmt = "* [`{Filename}`](/proposals/{Filename}): {Title} [{Status}]\n" + fmt = "* [`{Filename}`](/proposals/{Filename}): {Title} \\[{Status}\\]\n" else: fmt = "* [`{Filename}`](/proposals/{Filename}): {Title}\n" return fmt.format(**prop) diff --git a/proposals/BY_INDEX.md b/proposals/BY_INDEX.md index b60a656..0bde3b6 100644 --- a/proposals/BY_INDEX.md +++ b/proposals/BY_INDEX.md @@ -13,256 +13,256 @@ will never be implemented. Below are a list of proposals sorted by their proposal number. See [BY_STATUS.md](/proposals/BY_STATUS.md) for a list of proposals sorted by status. -* [`000-index.txt`](/proposals/000-index.txt): Index of Tor Proposals [META] -* [`001-process.txt`](/proposals/001-process.txt): The Tor Proposal Process [META] -* [`098-todo.txt`](/proposals/098-todo.txt): Proposals that should be written [OBSOLETE] -* [`099-misc.txt`](/proposals/099-misc.txt): Miscellaneous proposals [OBSOLETE] -* [`100-tor-spec-udp.txt`](/proposals/100-tor-spec-udp.txt): Tor Unreliable Datagram Extension Proposal [DEAD] -* [`101-dir-voting.txt`](/proposals/101-dir-voting.txt): Voting on the Tor Directory System [CLOSED] -* [`102-drop-opt.txt`](/proposals/102-drop-opt.txt): Dropping "opt" from the directory format [CLOSED] -* [`103-multilevel-keys.txt`](/proposals/103-multilevel-keys.txt): Splitting identity key from regularly used signing key [CLOSED] -* [`104-short-descriptors.txt`](/proposals/104-short-descriptors.txt): Long and Short Router Descriptors [CLOSED] -* [`105-handshake-revision.txt`](/proposals/105-handshake-revision.txt): Version negotiation for the Tor protocol [CLOSED] -* [`106-less-tls-constraint.txt`](/proposals/106-less-tls-constraint.txt): Checking fewer things during TLS handshakes [CLOSED] -* [`107-uptime-sanity-checking.txt`](/proposals/107-uptime-sanity-checking.txt): Uptime Sanity Checking [CLOSED] -* [`108-mtbf-based-stability.txt`](/proposals/108-mtbf-based-stability.txt): Base "Stable" Flag on Mean Time Between Failures [CLOSED] -* [`109-no-sharing-ips.txt`](/proposals/109-no-sharing-ips.txt): No more than one server per IP address [CLOSED] -* [`110-avoid-infinite-circuits.txt`](/proposals/110-avoid-infinite-circuits.txt): Avoiding infinite length circuits [CLOSED] -* [`111-local-traffic-priority.txt`](/proposals/111-local-traffic-priority.txt): Prioritizing local traffic over relayed traffic [CLOSED] -* [`112-bring-back-pathlencoinweight.txt`](/proposals/112-bring-back-pathlencoinweight.txt): Bring Back Pathlen Coin Weight [SUPERSEDED] -* [`113-fast-authority-interface.txt`](/proposals/113-fast-authority-interface.txt): Simplifying directory authority administration [SUPERSEDED] -* [`114-distributed-storage.txt`](/proposals/114-distributed-storage.txt): Distributed Storage for Tor Hidden Service Descriptors [CLOSED] -* [`115-two-hop-paths.txt`](/proposals/115-two-hop-paths.txt): Two Hop Paths [DEAD] -* [`116-two-hop-paths-from-guard.txt`](/proposals/116-two-hop-paths-from-guard.txt): Two hop paths from entry guards [DEAD] -* [`117-ipv6-exits.txt`](/proposals/117-ipv6-exits.txt): IPv6 exits [CLOSED] -* [`118-multiple-orports.txt`](/proposals/118-multiple-orports.txt): Advertising multiple ORPorts at once [SUPERSEDED] -* [`119-controlport-auth.txt`](/proposals/119-controlport-auth.txt): New PROTOCOLINFO command for controllers [CLOSED] -* [`120-shutdown-descriptors.txt`](/proposals/120-shutdown-descriptors.txt): Shutdown descriptors when Tor servers stop [DEAD] -* [`121-hidden-service-authentication.txt`](/proposals/121-hidden-service-authentication.txt): Hidden Service Authentication [CLOSED] -* [`122-unnamed-flag.txt`](/proposals/122-unnamed-flag.txt): Network status entries need a new Unnamed flag [CLOSED] -* [`123-autonaming.txt`](/proposals/123-autonaming.txt): Naming authorities automatically create bindings [CLOSED] -* [`124-tls-certificates.txt`](/proposals/124-tls-certificates.txt): Blocking resistant TLS certificate usage [SUPERSEDED] -* [`125-bridges.txt`](/proposals/125-bridges.txt): Behavior for bridge users, bridge relays, and bridge authorities [CLOSED] -* [`126-geoip-reporting.txt`](/proposals/126-geoip-reporting.txt): Getting GeoIP data and publishing usage summaries [CLOSED] -* [`127-dirport-mirrors-downloads.txt`](/proposals/127-dirport-mirrors-downloads.txt): Relaying dirport requests to Tor download site / website [OBSOLETE] -* [`128-bridge-families.txt`](/proposals/128-bridge-families.txt): Families of private bridges [DEAD] -* [`129-reject-plaintext-ports.txt`](/proposals/129-reject-plaintext-ports.txt): Block Insecure Protocols by Default [CLOSED] -* [`130-v2-conn-protocol.txt`](/proposals/130-v2-conn-protocol.txt): Version 2 Tor connection protocol [CLOSED] -* [`131-verify-tor-usage.txt`](/proposals/131-verify-tor-usage.txt): Help users to verify they are using Tor [OBSOLETE] -* [`132-browser-check-tor-service.txt`](/proposals/132-browser-check-tor-service.txt): A Tor Web Service For Verifying Correct Browser Configuration [OBSOLETE] -* [`133-unreachable-ors.txt`](/proposals/133-unreachable-ors.txt): Incorporate Unreachable ORs into the Tor Network [RESERVE] -* [`134-robust-voting.txt`](/proposals/134-robust-voting.txt): More robust consensus voting with diverse authority sets [REJECTED] -* [`135-private-tor-networks.txt`](/proposals/135-private-tor-networks.txt): Simplify Configuration of Private Tor Networks [CLOSED] -* [`136-legacy-keys.txt`](/proposals/136-legacy-keys.txt): Mass authority migration with legacy keys [CLOSED] -* [`137-bootstrap-phases.txt`](/proposals/137-bootstrap-phases.txt): Keep controllers informed as Tor bootstraps [CLOSED] -* [`138-remove-down-routers-from-consensus.txt`](/proposals/138-remove-down-routers-from-consensus.txt): Remove routers that are not Running from consensus documents [CLOSED] -* [`139-conditional-consensus-download.txt`](/proposals/139-conditional-consensus-download.txt): Download consensus documents only when it will be trusted [CLOSED] -* [`140-consensus-diffs.txt`](/proposals/140-consensus-diffs.txt): Provide diffs between consensuses [CLOSED] -* [`141-jit-sd-downloads.txt`](/proposals/141-jit-sd-downloads.txt): Download server descriptors on demand [OBSOLETE] -* [`142-combine-intro-and-rend-points.txt`](/proposals/142-combine-intro-and-rend-points.txt): Combine Introduction and Rendezvous Points [DEAD] -* [`143-distributed-storage-improvements.txt`](/proposals/143-distributed-storage-improvements.txt): Improvements of Distributed Storage for Tor Hidden Service Descriptors [SUPERSEDED] -* [`144-enforce-distinct-providers.txt`](/proposals/144-enforce-distinct-providers.txt): Increase the diversity of circuits by detecting nodes belonging the same provider [OBSOLETE] -* [`145-newguard-flag.txt`](/proposals/145-newguard-flag.txt): Separate "suitable as a guard" from "suitable as a new guard" [SUPERSEDED] -* [`146-long-term-stability.txt`](/proposals/146-long-term-stability.txt): Add new flag to reflect long-term stability [SUPERSEDED] -* [`147-prevoting-opinions.txt`](/proposals/147-prevoting-opinions.txt): Eliminate the need for v2 directories in generating v3 directories [REJECTED] -* [`148-uniform-client-end-reason.txt`](/proposals/148-uniform-client-end-reason.txt): Stream end reasons from the client side should be uniform [CLOSED] -* [`149-using-netinfo-data.txt`](/proposals/149-using-netinfo-data.txt): Using data from NETINFO cells [SUPERSEDED] -* [`150-exclude-exit-nodes.txt`](/proposals/150-exclude-exit-nodes.txt): Exclude Exit Nodes from a circuit [CLOSED] -* [`151-path-selection-improvements.txt`](/proposals/151-path-selection-improvements.txt): Improving Tor Path Selection [CLOSED] -* [`152-single-hop-circuits.txt`](/proposals/152-single-hop-circuits.txt): Optionally allow exit from single-hop circuits [CLOSED] -* [`153-automatic-software-update-protocol.txt`](/proposals/153-automatic-software-update-protocol.txt): Automatic software update protocol [SUPERSEDED] -* [`154-automatic-updates.txt`](/proposals/154-automatic-updates.txt): Automatic Software Update Protocol [SUPERSEDED] -* [`155-four-hidden-service-improvements.txt`](/proposals/155-four-hidden-service-improvements.txt): Four Improvements of Hidden Service Performance [CLOSED] -* [`156-tracking-blocked-ports.txt`](/proposals/156-tracking-blocked-ports.txt): Tracking blocked ports on the client side [SUPERSEDED] -* [`157-specific-cert-download.txt`](/proposals/157-specific-cert-download.txt): Make certificate downloads specific [CLOSED] -* [`158-microdescriptors.txt`](/proposals/158-microdescriptors.txt): Clients download consensus + microdescriptors [CLOSED] -* [`159-exit-scanning.txt`](/proposals/159-exit-scanning.txt): Exit Scanning [INFORMATIONAL] -* [`160-bandwidth-offset.txt`](/proposals/160-bandwidth-offset.txt): Authorities vote for bandwidth offsets in consensus [CLOSED] -* [`161-computing-bandwidth-adjustments.txt`](/proposals/161-computing-bandwidth-adjustments.txt): Computing Bandwidth Adjustments [CLOSED] -* [`162-consensus-flavors.txt`](/proposals/162-consensus-flavors.txt): Publish the consensus in multiple flavors [CLOSED] -* [`163-detecting-clients.txt`](/proposals/163-detecting-clients.txt): Detecting whether a connection comes from a client [SUPERSEDED] -* [`164-reporting-server-status.txt`](/proposals/164-reporting-server-status.txt): Reporting the status of server votes [OBSOLETE] -* [`165-simple-robust-voting.txt`](/proposals/165-simple-robust-voting.txt): Easy migration for voting authority sets [REJECTED] -* [`166-statistics-extra-info-docs.txt`](/proposals/166-statistics-extra-info-docs.txt): Including Network Statistics in Extra-Info Documents [CLOSED] -* [`167-params-in-consensus.txt`](/proposals/167-params-in-consensus.txt): Vote on network parameters in consensus [CLOSED] -* [`168-reduce-circwindow.txt`](/proposals/168-reduce-circwindow.txt): Reduce default circuit window [REJECTED] -* [`169-eliminating-renegotiation.txt`](/proposals/169-eliminating-renegotiation.txt): Eliminate TLS renegotiation for the Tor connection handshake [SUPERSEDED] -* [`170-user-path-config.txt`](/proposals/170-user-path-config.txt): Configuration options regarding circuit building [SUPERSEDED] -* [`171-separate-streams.txt`](/proposals/171-separate-streams.txt): Separate streams across circuits by connection metadata [CLOSED] -* [`172-circ-getinfo-option.txt`](/proposals/172-circ-getinfo-option.txt): GETINFO controller option for circuit information [RESERVE] -* [`173-getinfo-option-expansion.txt`](/proposals/173-getinfo-option-expansion.txt): GETINFO Option Expansion [OBSOLETE] -* [`174-optimistic-data-server.txt`](/proposals/174-optimistic-data-server.txt): Optimistic Data for Tor: Server Side [CLOSED] -* [`175-automatic-node-promotion.txt`](/proposals/175-automatic-node-promotion.txt): Automatically promoting Tor clients to nodes [REJECTED] -* [`176-revising-handshake.txt`](/proposals/176-revising-handshake.txt): Proposed version-3 link handshake for Tor [CLOSED] -* [`177-flag-abstention.txt`](/proposals/177-flag-abstention.txt): Abstaining from votes on individual flags [RESERVE] -* [`178-param-voting.txt`](/proposals/178-param-voting.txt): Require majority of authorities to vote for consensus parameters [CLOSED] -* [`179-TLS-cert-and-parameter-normalization.txt`](/proposals/179-TLS-cert-and-parameter-normalization.txt): TLS certificate and parameter normalization [CLOSED] -* [`180-pluggable-transport.txt`](/proposals/180-pluggable-transport.txt): Pluggable transports for circumvention [CLOSED] -* [`181-optimistic-data-client.txt`](/proposals/181-optimistic-data-client.txt): Optimistic Data for Tor: Client Side [CLOSED] -* [`182-creditbucket.txt`](/proposals/182-creditbucket.txt): Credit Bucket [OBSOLETE] -* [`183-refillintervals.txt`](/proposals/183-refillintervals.txt): Refill Intervals [CLOSED] -* [`184-v3-link-protocol.txt`](/proposals/184-v3-link-protocol.txt): Miscellaneous changes for a v3 Tor link protocol [CLOSED] -* [`185-dir-without-dirport.txt`](/proposals/185-dir-without-dirport.txt): Directory caches without DirPort [SUPERSEDED] -* [`186-multiple-orports.txt`](/proposals/186-multiple-orports.txt): Multiple addresses for one OR or bridge [CLOSED] -* [`187-allow-client-auth.txt`](/proposals/187-allow-client-auth.txt): Reserve a cell type to allow client authorization [CLOSED] -* [`188-bridge-guards.txt`](/proposals/188-bridge-guards.txt): Bridge Guards and other anti-enumeration defenses [RESERVE] -* [`189-authorize-cell.txt`](/proposals/189-authorize-cell.txt): AUTHORIZE and AUTHORIZED cells [OBSOLETE] -* [`190-shared-secret-bridge-authorization.txt`](/proposals/190-shared-secret-bridge-authorization.txt): Bridge Client Authorization Based on a Shared Secret [OBSOLETE] -* [`191-mitm-bridge-detection-resistance.txt`](/proposals/191-mitm-bridge-detection-resistance.txt): Bridge Detection Resistance against MITM-capable Adversaries [OBSOLETE] -* [`192-store-bridge-information.txt`](/proposals/192-store-bridge-information.txt): Automatically retrieve and store information about bridges [OBSOLETE] -* [`193-safe-cookie-authentication.txt`](/proposals/193-safe-cookie-authentication.txt): Safe cookie authentication for Tor controllers [CLOSED] -* [`194-mnemonic-urls.txt`](/proposals/194-mnemonic-urls.txt): Mnemonic .onion URLs [SUPERSEDED] -* [`195-TLS-normalization-for-024.txt`](/proposals/195-TLS-normalization-for-024.txt): TLS certificate normalization for Tor 0.2.4.x [DEAD] -* [`196-transport-control-ports.txt`](/proposals/196-transport-control-ports.txt): Extended ORPort and TransportControlPort [CLOSED] -* [`197-postmessage-ipc.txt`](/proposals/197-postmessage-ipc.txt): Message-based Inter-Controller IPC Channel [REJECTED] -* [`198-restore-clienthello-semantics.txt`](/proposals/198-restore-clienthello-semantics.txt): Restore semantics of TLS ClientHello [CLOSED] -* [`199-bridgefinder-integration.txt`](/proposals/199-bridgefinder-integration.txt): Integration of BridgeFinder and BridgeFinderHelper [OBSOLETE] -* [`200-new-create-and-extend-cells.txt`](/proposals/200-new-create-and-extend-cells.txt): Adding new, extensible CREATE, EXTEND, and related cells [CLOSED] -* [`201-bridge-v3-reqs-stats.txt`](/proposals/201-bridge-v3-reqs-stats.txt): Make bridges report statistics on daily v3 network status requests [RESERVE] -* [`202-improved-relay-crypto.txt`](/proposals/202-improved-relay-crypto.txt): Two improved relay encryption protocols for Tor cells [META] -* [`203-https-frontend.txt`](/proposals/203-https-frontend.txt): Avoiding censorship by impersonating an HTTPS server [OBSOLETE] -* [`204-hidserv-subdomains.txt`](/proposals/204-hidserv-subdomains.txt): Subdomain support for Hidden Service addresses [CLOSED] -* [`205-local-dnscache.txt`](/proposals/205-local-dnscache.txt): Remove global client-side DNS caching [CLOSED] -* [`206-directory-sources.txt`](/proposals/206-directory-sources.txt): Preconfigured directory sources for bootstrapping [CLOSED] -* [`207-directory-guards.txt`](/proposals/207-directory-guards.txt): Directory guards [CLOSED] -* [`208-ipv6-exits-redux.txt`](/proposals/208-ipv6-exits-redux.txt): IPv6 Exits Redux [CLOSED] -* [`209-path-bias-tuning.txt`](/proposals/209-path-bias-tuning.txt): Tuning the Parameters for the Path Bias Defense [OBSOLETE] -* [`210-faster-headless-consensus-bootstrap.txt`](/proposals/210-faster-headless-consensus-bootstrap.txt): Faster Headless Consensus Bootstrapping [SUPERSEDED] -* [`211-mapaddress-tor-status.txt`](/proposals/211-mapaddress-tor-status.txt): Internal Mapaddress for Tor Configuration Testing [RESERVE] -* [`212-using-old-consensus.txt`](/proposals/212-using-old-consensus.txt): Increase Acceptable Consensus Age [NEEDS-REVISION] -* [`213-remove-stream-sendmes.txt`](/proposals/213-remove-stream-sendmes.txt): Remove stream-level sendmes from the design [DEAD] -* [`214-longer-circids.txt`](/proposals/214-longer-circids.txt): Allow 4-byte circuit IDs in a new link protocol [CLOSED] -* [`215-update-min-consensus-ver.txt`](/proposals/215-update-min-consensus-ver.txt): Let the minimum consensus method change with time [CLOSED] -* [`216-ntor-handshake.txt`](/proposals/216-ntor-handshake.txt): Improved circuit-creation key exchange [CLOSED] -* [`217-ext-orport-auth.txt`](/proposals/217-ext-orport-auth.txt): Tor Extended ORPort Authentication [CLOSED] -* [`218-usage-controller-events.txt`](/proposals/218-usage-controller-events.txt): Controller events to better understand connection/circuit usage [CLOSED] -* [`219-expanded-dns.txt`](/proposals/219-expanded-dns.txt): Support for full DNS and DNSSEC resolution in Tor [NEEDS-REVISION] -* [`220-ecc-id-keys.txt`](/proposals/220-ecc-id-keys.txt): Migrate server identity keys to Ed25519 [CLOSED] -* [`221-stop-using-create-fast.txt`](/proposals/221-stop-using-create-fast.txt): Stop using CREATE_FAST [CLOSED] -* [`222-remove-client-timestamps.txt`](/proposals/222-remove-client-timestamps.txt): Stop sending client timestamps [CLOSED] -* [`223-ace-handshake.txt`](/proposals/223-ace-handshake.txt): Ace: Improved circuit-creation key exchange [RESERVE] -* [`224-rend-spec-ng.txt`](/proposals/224-rend-spec-ng.txt): Next-Generation Hidden Services in Tor [CLOSED] -* [`225-strawman-shared-rand.txt`](/proposals/225-strawman-shared-rand.txt): Strawman proposal: commit-and-reveal shared rng [SUPERSEDED] -* [`226-bridgedb-database-improvements.txt`](/proposals/226-bridgedb-database-improvements.txt): "Scalability and Stability Improvements to BridgeDB: Switching to a Distributed Database System and RDBMS" [RESERVE] -* [`227-vote-on-package-fingerprints.txt`](/proposals/227-vote-on-package-fingerprints.txt): Include package fingerprints in consensus documents [CLOSED] -* [`228-cross-certification-onionkeys.txt`](/proposals/228-cross-certification-onionkeys.txt): Cross-certifying identity keys with onion keys [CLOSED] -* [`229-further-socks5-extensions.txt`](/proposals/229-further-socks5-extensions.txt): Further SOCKS5 extensions [REJECTED] -* [`230-rsa1024-relay-id-migration.txt`](/proposals/230-rsa1024-relay-id-migration.txt): How to change RSA1024 relay identity keys [OBSOLETE] -* [`231-migrate-authority-rsa1024-ids.txt`](/proposals/231-migrate-authority-rsa1024-ids.txt): Migrating authority RSA1024 identity keys [OBSOLETE] -* [`232-pluggable-transports-through-proxy.txt`](/proposals/232-pluggable-transports-through-proxy.txt): Pluggable Transport through SOCKS proxy [CLOSED] -* [`233-quicken-tor2web-mode.txt`](/proposals/233-quicken-tor2web-mode.txt): Making Tor2Web mode faster [REJECTED] -* [`234-remittance-addresses.txt`](/proposals/234-remittance-addresses.txt): Adding remittance field to directory specification [REJECTED] -* [`235-kill-named-flag.txt`](/proposals/235-kill-named-flag.txt): Stop assigning (and eventually supporting) the Named flag [CLOSED] -* [`236-single-guard-node.txt`](/proposals/236-single-guard-node.txt): The move to a single guard node [CLOSED] -* [`237-directory-servers-for-all.txt`](/proposals/237-directory-servers-for-all.txt): All relays are directory servers [CLOSED] -* [`238-hs-relay-stats.txt`](/proposals/238-hs-relay-stats.txt): Better hidden service stats from Tor relays [CLOSED] -* [`239-consensus-hash-chaining.txt`](/proposals/239-consensus-hash-chaining.txt): Consensus Hash Chaining [OPEN] -* [`240-auth-cert-revocation.txt`](/proposals/240-auth-cert-revocation.txt): Early signing key revocation for directory authorities [OPEN] -* [`241-suspicious-guard-turnover.txt`](/proposals/241-suspicious-guard-turnover.txt): Resisting guard-turnover attacks [REJECTED] -* [`242-better-families.txt`](/proposals/242-better-families.txt): Better performance and usability for the MyFamily option [SUPERSEDED] -* [`243-hsdir-flag-need-stable.txt`](/proposals/243-hsdir-flag-need-stable.txt): Give out HSDir flag only to relays with Stable flag [CLOSED] -* [`244-use-rfc5705-for-tls-binding.txt`](/proposals/244-use-rfc5705-for-tls-binding.txt): Use RFC5705 Key Exporting in our AUTHENTICATE calls [CLOSED] -* [`245-tap-out.txt`](/proposals/245-tap-out.txt): Deprecating and removing the TAP circuit extension protocol [NEEDS-REVISION] -* [`246-merge-hsdir-and-intro.txt`](/proposals/246-merge-hsdir-and-intro.txt): Merging Hidden Service Directories and Introduction Points [REJECTED] -* [`247-hs-guard-discovery.txt`](/proposals/247-hs-guard-discovery.txt): Defending Against Guard Discovery Attacks using Vanguards [SUPERSEDED] -* [`248-removing-rsa-identities.txt`](/proposals/248-removing-rsa-identities.txt): Remove all RSA identity keys [NEEDS-REVISION] -* [`249-large-create-cells.txt`](/proposals/249-large-create-cells.txt): Allow CREATE cells with >505 bytes of handshake data [SUPERSEDED] -* [`250-commit-reveal-consensus.txt`](/proposals/250-commit-reveal-consensus.txt): Random Number Generation During Tor Voting [CLOSED] -* [`251-netflow-padding.txt`](/proposals/251-netflow-padding.txt): Padding for netflow record resolution reduction [CLOSED] -* [`252-single-onion.txt`](/proposals/252-single-onion.txt): Single Onion Services [SUPERSEDED] -* [`253-oob-hmac.txt`](/proposals/253-oob-hmac.txt): Out of Band Circuit HMACs [DEAD] -* [`254-padding-negotiation.txt`](/proposals/254-padding-negotiation.txt): Padding Negotiation [CLOSED] -* [`255-hs-load-balancing.txt`](/proposals/255-hs-load-balancing.txt): Controller features to allow for load-balancing hidden services [RESERVE] -* [`256-key-revocation.txt`](/proposals/256-key-revocation.txt): Key revocation for relays and authorities [RESERVE] -* [`257-hiding-authorities.txt`](/proposals/257-hiding-authorities.txt): Refactoring authorities and making them more isolated from the net [META] -* [`258-dirauth-dos.txt`](/proposals/258-dirauth-dos.txt): Denial-of-service resistance for directory authorities [DEAD] -* [`259-guard-selection.txt`](/proposals/259-guard-selection.txt): New Guard Selection Behaviour [OBSOLETE] -* [`260-rend-single-onion.txt`](/proposals/260-rend-single-onion.txt): Rendezvous Single Onion Services [FINISHED] -* [`261-aez-crypto.txt`](/proposals/261-aez-crypto.txt): AEZ for relay cryptography [OBSOLETE] -* [`262-rekey-circuits.txt`](/proposals/262-rekey-circuits.txt): Re-keying live circuits with new cryptographic material [RESERVE] -* [`263-ntru-for-pq-handshake.txt`](/proposals/263-ntru-for-pq-handshake.txt): Request to change key exchange protocol for handshake v1.2 [OBSOLETE] -* [`264-subprotocol-versions.txt`](/proposals/264-subprotocol-versions.txt): Putting version numbers on the Tor subprotocols [CLOSED] -* [`265-load-balancing-with-overhead.txt`](/proposals/265-load-balancing-with-overhead.txt): Load Balancing with Overhead Parameters [OPEN] -* [`266-removing-current-obsolete-clients.txt`](/proposals/266-removing-current-obsolete-clients.txt): Removing current obsolete clients from the Tor network [SUPERSEDED] -* [`267-tor-consensus-transparency.txt`](/proposals/267-tor-consensus-transparency.txt): Tor Consensus Transparency [OPEN] -* [`268-guard-selection.txt`](/proposals/268-guard-selection.txt): New Guard Selection Behaviour [OBSOLETE] -* [`269-hybrid-handshake.txt`](/proposals/269-hybrid-handshake.txt): Transitionally secure hybrid handshakes [NEEDS-REVISION] -* [`270-newhope-hybrid-handshake.txt`](/proposals/270-newhope-hybrid-handshake.txt): RebelAlliance: A Post-Quantum Secure Hybrid Handshake Based on NewHope [OBSOLETE] -* [`271-another-guard-selection.txt`](/proposals/271-another-guard-selection.txt): Another algorithm for guard selection [CLOSED] -* [`272-valid-and-running-by-default.txt`](/proposals/272-valid-and-running-by-default.txt): Listed routers should be Valid, Running, and treated as such [CLOSED] -* [`273-exit-relay-pinning.txt`](/proposals/273-exit-relay-pinning.txt): Exit relay pinning for web services [RESERVE] -* [`274-rotate-onion-keys-less.txt`](/proposals/274-rotate-onion-keys-less.txt): Rotate onion keys less frequently [CLOSED] -* [`275-md-published-time-is-silly.txt`](/proposals/275-md-published-time-is-silly.txt): Stop including meaningful "published" time in microdescriptor consensus [CLOSED] -* [`276-lower-bw-granularity.txt`](/proposals/276-lower-bw-granularity.txt): Report bandwidth with lower granularity in consensus documents [DEAD] -* [`277-detect-id-sharing.txt`](/proposals/277-detect-id-sharing.txt): Detect multiple relay instances running with same ID [OPEN] -* [`278-directory-compression-scheme-negotiation.txt`](/proposals/278-directory-compression-scheme-negotiation.txt): Directory Compression Scheme Negotiation [CLOSED] -* [`279-naming-layer-api.txt`](/proposals/279-naming-layer-api.txt): A Name System API for Tor Onion Services [NEEDS-REVISION] -* [`280-privcount-in-tor.txt`](/proposals/280-privcount-in-tor.txt): Privacy-Preserving Statistics with Privcount in Tor [SUPERSEDED] -* [`281-bulk-md-download.txt`](/proposals/281-bulk-md-download.txt): Downloading microdescriptors in bulk [RESERVE] -* [`282-remove-named-from-consensus.txt`](/proposals/282-remove-named-from-consensus.txt): Remove "Named" and "Unnamed" handling from consensus voting [ACCEPTED] -* [`283-ipv6-in-micro-consensus.txt`](/proposals/283-ipv6-in-micro-consensus.txt): Move IPv6 ORPorts from microdescriptors to the microdesc consensus [CLOSED] -* [`284-hsv3-control-port.txt`](/proposals/284-hsv3-control-port.txt): Hidden Service v3 Control Port [CLOSED] -* [`285-utf-8.txt`](/proposals/285-utf-8.txt): Directory documents should be standardized as UTF-8 [ACCEPTED] -* [`286-hibernation-api.txt`](/proposals/286-hibernation-api.txt): Controller APIs for hibernation access on mobile [REJECTED] -* [`287-reduce-lifetime.txt`](/proposals/287-reduce-lifetime.txt): Reduce circuit lifetime without overloading the network [OPEN] -* [`288-privcount-with-shamir.txt`](/proposals/288-privcount-with-shamir.txt): Privacy-Preserving Statistics with Privcount in Tor (Shamir version) [RESERVE] -* [`289-authenticated-sendmes.txt`](/proposals/289-authenticated-sendmes.txt): Authenticating sendme cells to mitigate bandwidth attacks [CLOSED] -* [`290-deprecate-consensus-methods.txt`](/proposals/290-deprecate-consensus-methods.txt): Continuously update consensus methods [META] -* [`291-two-guard-nodes.txt`](/proposals/291-two-guard-nodes.txt): The move to two guard nodes [FINISHED] -* [`292-mesh-vanguards.txt`](/proposals/292-mesh-vanguards.txt): Mesh-based vanguards [CLOSED] -* [`293-know-when-to-publish.txt`](/proposals/293-know-when-to-publish.txt): Other ways for relays to know when to publish [CLOSED] -* [`294-tls-1.3.txt`](/proposals/294-tls-1.3.txt): TLS 1.3 Migration [DRAFT] -* [`295-relay-crypto-with-adl.txt`](/proposals/295-relay-crypto-with-adl.txt): Using ADL for relay cryptography (solving the crypto-tagging attack) [OPEN] -* [`296-expose-bandwidth-files.txt`](/proposals/296-expose-bandwidth-files.txt): Have Directory Authorities expose raw bandwidth list files [CLOSED] -* [`297-safer-protover-shutdowns.txt`](/proposals/297-safer-protover-shutdowns.txt): Relaxing the protover-based shutdown rules [CLOSED] -* [`298-canonical-families.txt`](/proposals/298-canonical-families.txt): Putting family lines in canonical form [CLOSED] -* [`299-ip-failure-count.txt`](/proposals/299-ip-failure-count.txt): Preferring IPv4 or IPv6 based on IP Version Failure Count [SUPERSEDED] -* [`300-walking-onions.txt`](/proposals/300-walking-onions.txt): Walking Onions: Scaling and Saving Bandwidth [INFORMATIONAL] -* [`301-dont-vote-on-package-fingerprints.txt`](/proposals/301-dont-vote-on-package-fingerprints.txt): Don't include package fingerprints in consensus documents [CLOSED] -* [`302-padding-machines-for-onion-clients.txt`](/proposals/302-padding-machines-for-onion-clients.txt): Hiding onion service clients using padding [CLOSED] -* [`303-protover-removal-policy.txt`](/proposals/303-protover-removal-policy.txt): When and how to remove support for protocol versions [OPEN] -* [`304-socks5-extending-hs-error-codes.txt`](/proposals/304-socks5-extending-hs-error-codes.txt): Extending SOCKS5 Onion Service Error Codes [CLOSED] -* [`305-establish-intro-dos-defense-extention.txt`](/proposals/305-establish-intro-dos-defense-extention.txt): ESTABLISH_INTRO Cell DoS Defense Extension [CLOSED] -* [`306-ipv6-happy-eyeballs.txt`](/proposals/306-ipv6-happy-eyeballs.txt): A Tor Implementation of IPv6 Happy Eyeballs [OPEN] -* [`307-onionbalance-v3.txt`](/proposals/307-onionbalance-v3.txt): Onion Balance Support for Onion Service v3 [RESERVE] -* [`308-counter-galois-onion.txt`](/proposals/308-counter-galois-onion.txt): Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography [SUPERSEDED] -* [`309-optimistic-socks-in-tor.txt`](/proposals/309-optimistic-socks-in-tor.txt): Optimistic SOCKS Data [OPEN] -* [`310-bandaid-on-guard-selection.txt`](/proposals/310-bandaid-on-guard-selection.txt): Towards load-balancing in Prop 271 [CLOSED] -* [`311-relay-ipv6-reachability.txt`](/proposals/311-relay-ipv6-reachability.txt): Tor Relay IPv6 Reachability [ACCEPTED] -* [`312-relay-auto-ipv6-addr.txt`](/proposals/312-relay-auto-ipv6-addr.txt): Tor Relay Automatic IPv6 Address Discovery [ACCEPTED] -* [`313-relay-ipv6-stats.txt`](/proposals/313-relay-ipv6-stats.txt): Tor Relay IPv6 Statistics [ACCEPTED] -* [`314-allow-markdown-proposals.md`](/proposals/314-allow-markdown-proposals.md): Allow Markdown for proposal format [CLOSED] -* [`315-update-dir-required-fields.txt`](/proposals/315-update-dir-required-fields.txt): Updating the list of fields required in directory documents [CLOSED] -* [`316-flashflow.md`](/proposals/316-flashflow.md): FlashFlow: A Secure Speed Test for Tor (Parent Proposal) [DRAFT] -* [`317-secure-dns-name-resolution.txt`](/proposals/317-secure-dns-name-resolution.txt): Improve security aspects of DNS name resolution [NEEDS-REVISION] -* [`318-limit-protovers.md`](/proposals/318-limit-protovers.md): Limit protover values to 0-63 [CLOSED] -* [`319-wide-everything.md`](/proposals/319-wide-everything.md): RELAY_FRAGMENT cells [OBSOLETE] -* [`320-tap-out-again.md`](/proposals/320-tap-out-again.md): Removing TAP usage from v2 onion services [REJECTED] -* [`321-happy-families.md`](/proposals/321-happy-families.md): Better performance and usability for the MyFamily option (v2) [ACCEPTED] -* [`322-dirport-linkspec.md`](/proposals/322-dirport-linkspec.md): Extending link specifiers to include the directory port [OPEN] -* [`323-walking-onions-full.md`](/proposals/323-walking-onions-full.md): Specification for Walking Onions [OPEN] -* [`324-rtt-congestion-control.txt`](/proposals/324-rtt-congestion-control.txt): RTT-based Congestion Control for Tor [FINISHED] -* [`325-packed-relay-cells.md`](/proposals/325-packed-relay-cells.md): Packed relay cells: saving space on small commands [OBSOLETE] -* [`326-tor-relay-well-known-uri-rfc8615.md`](/proposals/326-tor-relay-well-known-uri-rfc8615.md): The "tor-relay" Well-Known Resource Identifier [OPEN] -* [`327-pow-over-intro.txt`](/proposals/327-pow-over-intro.txt): A First Take at PoW Over Introduction Circuits [FINISHED] -* [`328-relay-overload-report.md`](/proposals/328-relay-overload-report.md): Make Relays Report When They Are Overloaded [CLOSED] -* [`329-traffic-splitting.txt`](/proposals/329-traffic-splitting.txt): Overcoming Tor's Bottlenecks with Traffic Splitting [FINISHED] -* [`330-authority-contact.md`](/proposals/330-authority-contact.md): Modernizing authority contact entries [OPEN] -* [`331-res-tokens-for-anti-dos.md`](/proposals/331-res-tokens-for-anti-dos.md): Res tokens: Anonymous Credentials for Onion Service DoS Resilience [DRAFT] -* [`332-ntor-v3-with-extra-data.md`](/proposals/332-ntor-v3-with-extra-data.md): Ntor protocol with extra data, version 3 [CLOSED] -* [`333-vanguards-lite.md`](/proposals/333-vanguards-lite.md): Vanguards lite [CLOSED] -* [`334-middle-only-flag.txt`](/proposals/334-middle-only-flag.txt): A Directory Authority Flag To Mark Relays As Middle-only [SUPERSEDED] -* [`335-middle-only-redux.md`](/proposals/335-middle-only-redux.md): An authority-only design for MiddleOnly [CLOSED] -* [`336-randomize-guard-retries.md`](/proposals/336-randomize-guard-retries.md): Randomized schedule for guard retries [CLOSED] -* [`337-simpler-guard-usability.md`](/proposals/337-simpler-guard-usability.md): A simpler way to decide, "Is this guard usable?" [CLOSED] -* [`338-netinfo-y2038.md`](/proposals/338-netinfo-y2038.md): Use an 8-byte timestamp in NETINFO cells [ACCEPTED] -* [`339-udp-over-tor.md`](/proposals/339-udp-over-tor.md): UDP traffic over Tor [ACCEPTED] -* [`340-packed-and-fragmented.md`](/proposals/340-packed-and-fragmented.md): Packed and fragmented relay messages [OPEN] -* [`341-better-oos.md`](/proposals/341-better-oos.md): A better algorithm for out-of-sockets eviction [OPEN] -* [`342-decouple-hs-interval.md`](/proposals/342-decouple-hs-interval.md): Decoupling hs_interval and SRV lifetime [DRAFT] -* [`343-rend-caa.txt`](/proposals/343-rend-caa.txt): CAA Extensions for the Tor Rendezvous Specification [OPEN] -* [`344-protocol-info-leaks.txt`](/proposals/344-protocol-info-leaks.txt): Prioritizing Protocol Information Leaks in Tor [OPEN] -* [`345-specs-in-mdbook.md`](/proposals/345-specs-in-mdbook.md): Migrating the tor specifications to mdbook [CLOSED] -* [`346-protovers-again.md`](/proposals/346-protovers-again.md): Clarifying and extending the use of protocol versioning [OPEN] -* [`347-domain-separation.md`](/proposals/347-domain-separation.md): Domain separation for certificate signing keys [OPEN] +* [`000-index.txt`](/proposals/000-index.txt): Index of Tor Proposals \[META\] +* [`001-process.txt`](/proposals/001-process.txt): The Tor Proposal Process \[META\] +* [`098-todo.txt`](/proposals/098-todo.txt): Proposals that should be written \[OBSOLETE\] +* [`099-misc.txt`](/proposals/099-misc.txt): Miscellaneous proposals \[OBSOLETE\] +* [`100-tor-spec-udp.txt`](/proposals/100-tor-spec-udp.txt): Tor Unreliable Datagram Extension Proposal \[DEAD\] +* [`101-dir-voting.txt`](/proposals/101-dir-voting.txt): Voting on the Tor Directory System \[CLOSED\] +* [`102-drop-opt.txt`](/proposals/102-drop-opt.txt): Dropping "opt" from the directory format \[CLOSED\] +* [`103-multilevel-keys.txt`](/proposals/103-multilevel-keys.txt): Splitting identity key from regularly used signing key \[CLOSED\] +* [`104-short-descriptors.txt`](/proposals/104-short-descriptors.txt): Long and Short Router Descriptors \[CLOSED\] +* [`105-handshake-revision.txt`](/proposals/105-handshake-revision.txt): Version negotiation for the Tor protocol \[CLOSED\] +* [`106-less-tls-constraint.txt`](/proposals/106-less-tls-constraint.txt): Checking fewer things during TLS handshakes \[CLOSED\] +* [`107-uptime-sanity-checking.txt`](/proposals/107-uptime-sanity-checking.txt): Uptime Sanity Checking \[CLOSED\] +* [`108-mtbf-based-stability.txt`](/proposals/108-mtbf-based-stability.txt): Base "Stable" Flag on Mean Time Between Failures \[CLOSED\] +* [`109-no-sharing-ips.txt`](/proposals/109-no-sharing-ips.txt): No more than one server per IP address \[CLOSED\] +* [`110-avoid-infinite-circuits.txt`](/proposals/110-avoid-infinite-circuits.txt): Avoiding infinite length circuits \[CLOSED\] +* [`111-local-traffic-priority.txt`](/proposals/111-local-traffic-priority.txt): Prioritizing local traffic over relayed traffic \[CLOSED\] +* [`112-bring-back-pathlencoinweight.txt`](/proposals/112-bring-back-pathlencoinweight.txt): Bring Back Pathlen Coin Weight \[SUPERSEDED\] +* [`113-fast-authority-interface.txt`](/proposals/113-fast-authority-interface.txt): Simplifying directory authority administration \[SUPERSEDED\] +* [`114-distributed-storage.txt`](/proposals/114-distributed-storage.txt): Distributed Storage for Tor Hidden Service Descriptors \[CLOSED\] +* [`115-two-hop-paths.txt`](/proposals/115-two-hop-paths.txt): Two Hop Paths \[DEAD\] +* [`116-two-hop-paths-from-guard.txt`](/proposals/116-two-hop-paths-from-guard.txt): Two hop paths from entry guards \[DEAD\] +* [`117-ipv6-exits.txt`](/proposals/117-ipv6-exits.txt): IPv6 exits \[CLOSED\] +* [`118-multiple-orports.txt`](/proposals/118-multiple-orports.txt): Advertising multiple ORPorts at once \[SUPERSEDED\] +* [`119-controlport-auth.txt`](/proposals/119-controlport-auth.txt): New PROTOCOLINFO command for controllers \[CLOSED\] +* [`120-shutdown-descriptors.txt`](/proposals/120-shutdown-descriptors.txt): Shutdown descriptors when Tor servers stop \[DEAD\] +* [`121-hidden-service-authentication.txt`](/proposals/121-hidden-service-authentication.txt): Hidden Service Authentication \[CLOSED\] +* [`122-unnamed-flag.txt`](/proposals/122-unnamed-flag.txt): Network status entries need a new Unnamed flag \[CLOSED\] +* [`123-autonaming.txt`](/proposals/123-autonaming.txt): Naming authorities automatically create bindings \[CLOSED\] +* [`124-tls-certificates.txt`](/proposals/124-tls-certificates.txt): Blocking resistant TLS certificate usage \[SUPERSEDED\] +* [`125-bridges.txt`](/proposals/125-bridges.txt): Behavior for bridge users, bridge relays, and bridge authorities \[CLOSED\] +* [`126-geoip-reporting.txt`](/proposals/126-geoip-reporting.txt): Getting GeoIP data and publishing usage summaries \[CLOSED\] +* [`127-dirport-mirrors-downloads.txt`](/proposals/127-dirport-mirrors-downloads.txt): Relaying dirport requests to Tor download site / website \[OBSOLETE\] +* [`128-bridge-families.txt`](/proposals/128-bridge-families.txt): Families of private bridges \[DEAD\] +* [`129-reject-plaintext-ports.txt`](/proposals/129-reject-plaintext-ports.txt): Block Insecure Protocols by Default \[CLOSED\] +* [`130-v2-conn-protocol.txt`](/proposals/130-v2-conn-protocol.txt): Version 2 Tor connection protocol \[CLOSED\] +* [`131-verify-tor-usage.txt`](/proposals/131-verify-tor-usage.txt): Help users to verify they are using Tor \[OBSOLETE\] +* [`132-browser-check-tor-service.txt`](/proposals/132-browser-check-tor-service.txt): A Tor Web Service For Verifying Correct Browser Configuration \[OBSOLETE\] +* [`133-unreachable-ors.txt`](/proposals/133-unreachable-ors.txt): Incorporate Unreachable ORs into the Tor Network \[RESERVE\] +* [`134-robust-voting.txt`](/proposals/134-robust-voting.txt): More robust consensus voting with diverse authority sets \[REJECTED\] +* [`135-private-tor-networks.txt`](/proposals/135-private-tor-networks.txt): Simplify Configuration of Private Tor Networks \[CLOSED\] +* [`136-legacy-keys.txt`](/proposals/136-legacy-keys.txt): Mass authority migration with legacy keys \[CLOSED\] +* [`137-bootstrap-phases.txt`](/proposals/137-bootstrap-phases.txt): Keep controllers informed as Tor bootstraps \[CLOSED\] +* [`138-remove-down-routers-from-consensus.txt`](/proposals/138-remove-down-routers-from-consensus.txt): Remove routers that are not Running from consensus documents \[CLOSED\] +* [`139-conditional-consensus-download.txt`](/proposals/139-conditional-consensus-download.txt): Download consensus documents only when it will be trusted \[CLOSED\] +* [`140-consensus-diffs.txt`](/proposals/140-consensus-diffs.txt): Provide diffs between consensuses \[CLOSED\] +* [`141-jit-sd-downloads.txt`](/proposals/141-jit-sd-downloads.txt): Download server descriptors on demand \[OBSOLETE\] +* [`142-combine-intro-and-rend-points.txt`](/proposals/142-combine-intro-and-rend-points.txt): Combine Introduction and Rendezvous Points \[DEAD\] +* [`143-distributed-storage-improvements.txt`](/proposals/143-distributed-storage-improvements.txt): Improvements of Distributed Storage for Tor Hidden Service Descriptors \[SUPERSEDED\] +* [`144-enforce-distinct-providers.txt`](/proposals/144-enforce-distinct-providers.txt): Increase the diversity of circuits by detecting nodes belonging the same provider \[OBSOLETE\] +* [`145-newguard-flag.txt`](/proposals/145-newguard-flag.txt): Separate "suitable as a guard" from "suitable as a new guard" \[SUPERSEDED\] +* [`146-long-term-stability.txt`](/proposals/146-long-term-stability.txt): Add new flag to reflect long-term stability \[SUPERSEDED\] +* [`147-prevoting-opinions.txt`](/proposals/147-prevoting-opinions.txt): Eliminate the need for v2 directories in generating v3 directories \[REJECTED\] +* [`148-uniform-client-end-reason.txt`](/proposals/148-uniform-client-end-reason.txt): Stream end reasons from the client side should be uniform \[CLOSED\] +* [`149-using-netinfo-data.txt`](/proposals/149-using-netinfo-data.txt): Using data from NETINFO cells \[SUPERSEDED\] +* [`150-exclude-exit-nodes.txt`](/proposals/150-exclude-exit-nodes.txt): Exclude Exit Nodes from a circuit \[CLOSED\] +* [`151-path-selection-improvements.txt`](/proposals/151-path-selection-improvements.txt): Improving Tor Path Selection \[CLOSED\] +* [`152-single-hop-circuits.txt`](/proposals/152-single-hop-circuits.txt): Optionally allow exit from single-hop circuits \[CLOSED\] +* [`153-automatic-software-update-protocol.txt`](/proposals/153-automatic-software-update-protocol.txt): Automatic software update protocol \[SUPERSEDED\] +* [`154-automatic-updates.txt`](/proposals/154-automatic-updates.txt): Automatic Software Update Protocol \[SUPERSEDED\] +* [`155-four-hidden-service-improvements.txt`](/proposals/155-four-hidden-service-improvements.txt): Four Improvements of Hidden Service Performance \[CLOSED\] +* [`156-tracking-blocked-ports.txt`](/proposals/156-tracking-blocked-ports.txt): Tracking blocked ports on the client side \[SUPERSEDED\] +* [`157-specific-cert-download.txt`](/proposals/157-specific-cert-download.txt): Make certificate downloads specific \[CLOSED\] +* [`158-microdescriptors.txt`](/proposals/158-microdescriptors.txt): Clients download consensus + microdescriptors \[CLOSED\] +* [`159-exit-scanning.txt`](/proposals/159-exit-scanning.txt): Exit Scanning \[INFORMATIONAL\] +* [`160-bandwidth-offset.txt`](/proposals/160-bandwidth-offset.txt): Authorities vote for bandwidth offsets in consensus \[CLOSED\] +* [`161-computing-bandwidth-adjustments.txt`](/proposals/161-computing-bandwidth-adjustments.txt): Computing Bandwidth Adjustments \[CLOSED\] +* [`162-consensus-flavors.txt`](/proposals/162-consensus-flavors.txt): Publish the consensus in multiple flavors \[CLOSED\] +* [`163-detecting-clients.txt`](/proposals/163-detecting-clients.txt): Detecting whether a connection comes from a client \[SUPERSEDED\] +* [`164-reporting-server-status.txt`](/proposals/164-reporting-server-status.txt): Reporting the status of server votes \[OBSOLETE\] +* [`165-simple-robust-voting.txt`](/proposals/165-simple-robust-voting.txt): Easy migration for voting authority sets \[REJECTED\] +* [`166-statistics-extra-info-docs.txt`](/proposals/166-statistics-extra-info-docs.txt): Including Network Statistics in Extra-Info Documents \[CLOSED\] +* [`167-params-in-consensus.txt`](/proposals/167-params-in-consensus.txt): Vote on network parameters in consensus \[CLOSED\] +* [`168-reduce-circwindow.txt`](/proposals/168-reduce-circwindow.txt): Reduce default circuit window \[REJECTED\] +* [`169-eliminating-renegotiation.txt`](/proposals/169-eliminating-renegotiation.txt): Eliminate TLS renegotiation for the Tor connection handshake \[SUPERSEDED\] +* [`170-user-path-config.txt`](/proposals/170-user-path-config.txt): Configuration options regarding circuit building \[SUPERSEDED\] +* [`171-separate-streams.txt`](/proposals/171-separate-streams.txt): Separate streams across circuits by connection metadata \[CLOSED\] +* [`172-circ-getinfo-option.txt`](/proposals/172-circ-getinfo-option.txt): GETINFO controller option for circuit information \[RESERVE\] +* [`173-getinfo-option-expansion.txt`](/proposals/173-getinfo-option-expansion.txt): GETINFO Option Expansion \[OBSOLETE\] +* [`174-optimistic-data-server.txt`](/proposals/174-optimistic-data-server.txt): Optimistic Data for Tor: Server Side \[CLOSED\] +* [`175-automatic-node-promotion.txt`](/proposals/175-automatic-node-promotion.txt): Automatically promoting Tor clients to nodes \[REJECTED\] +* [`176-revising-handshake.txt`](/proposals/176-revising-handshake.txt): Proposed version-3 link handshake for Tor \[CLOSED\] +* [`177-flag-abstention.txt`](/proposals/177-flag-abstention.txt): Abstaining from votes on individual flags \[RESERVE\] +* [`178-param-voting.txt`](/proposals/178-param-voting.txt): Require majority of authorities to vote for consensus parameters \[CLOSED\] +* [`179-TLS-cert-and-parameter-normalization.txt`](/proposals/179-TLS-cert-and-parameter-normalization.txt): TLS certificate and parameter normalization \[CLOSED\] +* [`180-pluggable-transport.txt`](/proposals/180-pluggable-transport.txt): Pluggable transports for circumvention \[CLOSED\] +* [`181-optimistic-data-client.txt`](/proposals/181-optimistic-data-client.txt): Optimistic Data for Tor: Client Side \[CLOSED\] +* [`182-creditbucket.txt`](/proposals/182-creditbucket.txt): Credit Bucket \[OBSOLETE\] +* [`183-refillintervals.txt`](/proposals/183-refillintervals.txt): Refill Intervals \[CLOSED\] +* [`184-v3-link-protocol.txt`](/proposals/184-v3-link-protocol.txt): Miscellaneous changes for a v3 Tor link protocol \[CLOSED\] +* [`185-dir-without-dirport.txt`](/proposals/185-dir-without-dirport.txt): Directory caches without DirPort \[SUPERSEDED\] +* [`186-multiple-orports.txt`](/proposals/186-multiple-orports.txt): Multiple addresses for one OR or bridge \[CLOSED\] +* [`187-allow-client-auth.txt`](/proposals/187-allow-client-auth.txt): Reserve a cell type to allow client authorization \[CLOSED\] +* [`188-bridge-guards.txt`](/proposals/188-bridge-guards.txt): Bridge Guards and other anti-enumeration defenses \[RESERVE\] +* [`189-authorize-cell.txt`](/proposals/189-authorize-cell.txt): AUTHORIZE and AUTHORIZED cells \[OBSOLETE\] +* [`190-shared-secret-bridge-authorization.txt`](/proposals/190-shared-secret-bridge-authorization.txt): Bridge Client Authorization Based on a Shared Secret \[OBSOLETE\] +* [`191-mitm-bridge-detection-resistance.txt`](/proposals/191-mitm-bridge-detection-resistance.txt): Bridge Detection Resistance against MITM-capable Adversaries \[OBSOLETE\] +* [`192-store-bridge-information.txt`](/proposals/192-store-bridge-information.txt): Automatically retrieve and store information about bridges \[OBSOLETE\] +* [`193-safe-cookie-authentication.txt`](/proposals/193-safe-cookie-authentication.txt): Safe cookie authentication for Tor controllers \[CLOSED\] +* [`194-mnemonic-urls.txt`](/proposals/194-mnemonic-urls.txt): Mnemonic .onion URLs \[SUPERSEDED\] +* [`195-TLS-normalization-for-024.txt`](/proposals/195-TLS-normalization-for-024.txt): TLS certificate normalization for Tor 0.2.4.x \[DEAD\] +* [`196-transport-control-ports.txt`](/proposals/196-transport-control-ports.txt): Extended ORPort and TransportControlPort \[CLOSED\] +* [`197-postmessage-ipc.txt`](/proposals/197-postmessage-ipc.txt): Message-based Inter-Controller IPC Channel \[REJECTED\] +* [`198-restore-clienthello-semantics.txt`](/proposals/198-restore-clienthello-semantics.txt): Restore semantics of TLS ClientHello \[CLOSED\] +* [`199-bridgefinder-integration.txt`](/proposals/199-bridgefinder-integration.txt): Integration of BridgeFinder and BridgeFinderHelper \[OBSOLETE\] +* [`200-new-create-and-extend-cells.txt`](/proposals/200-new-create-and-extend-cells.txt): Adding new, extensible CREATE, EXTEND, and related cells \[CLOSED\] +* [`201-bridge-v3-reqs-stats.txt`](/proposals/201-bridge-v3-reqs-stats.txt): Make bridges report statistics on daily v3 network status requests \[RESERVE\] +* [`202-improved-relay-crypto.txt`](/proposals/202-improved-relay-crypto.txt): Two improved relay encryption protocols for Tor cells \[META\] +* [`203-https-frontend.txt`](/proposals/203-https-frontend.txt): Avoiding censorship by impersonating an HTTPS server \[OBSOLETE\] +* [`204-hidserv-subdomains.txt`](/proposals/204-hidserv-subdomains.txt): Subdomain support for Hidden Service addresses \[CLOSED\] +* [`205-local-dnscache.txt`](/proposals/205-local-dnscache.txt): Remove global client-side DNS caching \[CLOSED\] +* [`206-directory-sources.txt`](/proposals/206-directory-sources.txt): Preconfigured directory sources for bootstrapping \[CLOSED\] +* [`207-directory-guards.txt`](/proposals/207-directory-guards.txt): Directory guards \[CLOSED\] +* [`208-ipv6-exits-redux.txt`](/proposals/208-ipv6-exits-redux.txt): IPv6 Exits Redux \[CLOSED\] +* [`209-path-bias-tuning.txt`](/proposals/209-path-bias-tuning.txt): Tuning the Parameters for the Path Bias Defense \[OBSOLETE\] +* [`210-faster-headless-consensus-bootstrap.txt`](/proposals/210-faster-headless-consensus-bootstrap.txt): Faster Headless Consensus Bootstrapping \[SUPERSEDED\] +* [`211-mapaddress-tor-status.txt`](/proposals/211-mapaddress-tor-status.txt): Internal Mapaddress for Tor Configuration Testing \[RESERVE\] +* [`212-using-old-consensus.txt`](/proposals/212-using-old-consensus.txt): Increase Acceptable Consensus Age \[NEEDS-REVISION\] +* [`213-remove-stream-sendmes.txt`](/proposals/213-remove-stream-sendmes.txt): Remove stream-level sendmes from the design \[DEAD\] +* [`214-longer-circids.txt`](/proposals/214-longer-circids.txt): Allow 4-byte circuit IDs in a new link protocol \[CLOSED\] +* [`215-update-min-consensus-ver.txt`](/proposals/215-update-min-consensus-ver.txt): Let the minimum consensus method change with time \[CLOSED\] +* [`216-ntor-handshake.txt`](/proposals/216-ntor-handshake.txt): Improved circuit-creation key exchange \[CLOSED\] +* [`217-ext-orport-auth.txt`](/proposals/217-ext-orport-auth.txt): Tor Extended ORPort Authentication \[CLOSED\] +* [`218-usage-controller-events.txt`](/proposals/218-usage-controller-events.txt): Controller events to better understand connection/circuit usage \[CLOSED\] +* [`219-expanded-dns.txt`](/proposals/219-expanded-dns.txt): Support for full DNS and DNSSEC resolution in Tor \[NEEDS-REVISION\] +* [`220-ecc-id-keys.txt`](/proposals/220-ecc-id-keys.txt): Migrate server identity keys to Ed25519 \[CLOSED\] +* [`221-stop-using-create-fast.txt`](/proposals/221-stop-using-create-fast.txt): Stop using CREATE_FAST \[CLOSED\] +* [`222-remove-client-timestamps.txt`](/proposals/222-remove-client-timestamps.txt): Stop sending client timestamps \[CLOSED\] +* [`223-ace-handshake.txt`](/proposals/223-ace-handshake.txt): Ace: Improved circuit-creation key exchange \[RESERVE\] +* [`224-rend-spec-ng.txt`](/proposals/224-rend-spec-ng.txt): Next-Generation Hidden Services in Tor \[CLOSED\] +* [`225-strawman-shared-rand.txt`](/proposals/225-strawman-shared-rand.txt): Strawman proposal: commit-and-reveal shared rng \[SUPERSEDED\] +* [`226-bridgedb-database-improvements.txt`](/proposals/226-bridgedb-database-improvements.txt): "Scalability and Stability Improvements to BridgeDB: Switching to a Distributed Database System and RDBMS" \[RESERVE\] +* [`227-vote-on-package-fingerprints.txt`](/proposals/227-vote-on-package-fingerprints.txt): Include package fingerprints in consensus documents \[CLOSED\] +* [`228-cross-certification-onionkeys.txt`](/proposals/228-cross-certification-onionkeys.txt): Cross-certifying identity keys with onion keys \[CLOSED\] +* [`229-further-socks5-extensions.txt`](/proposals/229-further-socks5-extensions.txt): Further SOCKS5 extensions \[REJECTED\] +* [`230-rsa1024-relay-id-migration.txt`](/proposals/230-rsa1024-relay-id-migration.txt): How to change RSA1024 relay identity keys \[OBSOLETE\] +* [`231-migrate-authority-rsa1024-ids.txt`](/proposals/231-migrate-authority-rsa1024-ids.txt): Migrating authority RSA1024 identity keys \[OBSOLETE\] +* [`232-pluggable-transports-through-proxy.txt`](/proposals/232-pluggable-transports-through-proxy.txt): Pluggable Transport through SOCKS proxy \[CLOSED\] +* [`233-quicken-tor2web-mode.txt`](/proposals/233-quicken-tor2web-mode.txt): Making Tor2Web mode faster \[REJECTED\] +* [`234-remittance-addresses.txt`](/proposals/234-remittance-addresses.txt): Adding remittance field to directory specification \[REJECTED\] +* [`235-kill-named-flag.txt`](/proposals/235-kill-named-flag.txt): Stop assigning (and eventually supporting) the Named flag \[CLOSED\] +* [`236-single-guard-node.txt`](/proposals/236-single-guard-node.txt): The move to a single guard node \[CLOSED\] +* [`237-directory-servers-for-all.txt`](/proposals/237-directory-servers-for-all.txt): All relays are directory servers \[CLOSED\] +* [`238-hs-relay-stats.txt`](/proposals/238-hs-relay-stats.txt): Better hidden service stats from Tor relays \[CLOSED\] +* [`239-consensus-hash-chaining.txt`](/proposals/239-consensus-hash-chaining.txt): Consensus Hash Chaining \[OPEN\] +* [`240-auth-cert-revocation.txt`](/proposals/240-auth-cert-revocation.txt): Early signing key revocation for directory authorities \[OPEN\] +* [`241-suspicious-guard-turnover.txt`](/proposals/241-suspicious-guard-turnover.txt): Resisting guard-turnover attacks \[REJECTED\] +* [`242-better-families.txt`](/proposals/242-better-families.txt): Better performance and usability for the MyFamily option \[SUPERSEDED\] +* [`243-hsdir-flag-need-stable.txt`](/proposals/243-hsdir-flag-need-stable.txt): Give out HSDir flag only to relays with Stable flag \[CLOSED\] +* [`244-use-rfc5705-for-tls-binding.txt`](/proposals/244-use-rfc5705-for-tls-binding.txt): Use RFC5705 Key Exporting in our AUTHENTICATE calls \[CLOSED\] +* [`245-tap-out.txt`](/proposals/245-tap-out.txt): Deprecating and removing the TAP circuit extension protocol \[NEEDS-REVISION\] +* [`246-merge-hsdir-and-intro.txt`](/proposals/246-merge-hsdir-and-intro.txt): Merging Hidden Service Directories and Introduction Points \[REJECTED\] +* [`247-hs-guard-discovery.txt`](/proposals/247-hs-guard-discovery.txt): Defending Against Guard Discovery Attacks using Vanguards \[SUPERSEDED\] +* [`248-removing-rsa-identities.txt`](/proposals/248-removing-rsa-identities.txt): Remove all RSA identity keys \[NEEDS-REVISION\] +* [`249-large-create-cells.txt`](/proposals/249-large-create-cells.txt): Allow CREATE cells with >505 bytes of handshake data \[SUPERSEDED\] +* [`250-commit-reveal-consensus.txt`](/proposals/250-commit-reveal-consensus.txt): Random Number Generation During Tor Voting \[CLOSED\] +* [`251-netflow-padding.txt`](/proposals/251-netflow-padding.txt): Padding for netflow record resolution reduction \[CLOSED\] +* [`252-single-onion.txt`](/proposals/252-single-onion.txt): Single Onion Services \[SUPERSEDED\] +* [`253-oob-hmac.txt`](/proposals/253-oob-hmac.txt): Out of Band Circuit HMACs \[DEAD\] +* [`254-padding-negotiation.txt`](/proposals/254-padding-negotiation.txt): Padding Negotiation \[CLOSED\] +* [`255-hs-load-balancing.txt`](/proposals/255-hs-load-balancing.txt): Controller features to allow for load-balancing hidden services \[RESERVE\] +* [`256-key-revocation.txt`](/proposals/256-key-revocation.txt): Key revocation for relays and authorities \[RESERVE\] +* [`257-hiding-authorities.txt`](/proposals/257-hiding-authorities.txt): Refactoring authorities and making them more isolated from the net \[META\] +* [`258-dirauth-dos.txt`](/proposals/258-dirauth-dos.txt): Denial-of-service resistance for directory authorities \[DEAD\] +* [`259-guard-selection.txt`](/proposals/259-guard-selection.txt): New Guard Selection Behaviour \[OBSOLETE\] +* [`260-rend-single-onion.txt`](/proposals/260-rend-single-onion.txt): Rendezvous Single Onion Services \[FINISHED\] +* [`261-aez-crypto.txt`](/proposals/261-aez-crypto.txt): AEZ for relay cryptography \[OBSOLETE\] +* [`262-rekey-circuits.txt`](/proposals/262-rekey-circuits.txt): Re-keying live circuits with new cryptographic material \[RESERVE\] +* [`263-ntru-for-pq-handshake.txt`](/proposals/263-ntru-for-pq-handshake.txt): Request to change key exchange protocol for handshake v1.2 \[OBSOLETE\] +* [`264-subprotocol-versions.txt`](/proposals/264-subprotocol-versions.txt): Putting version numbers on the Tor subprotocols \[CLOSED\] +* [`265-load-balancing-with-overhead.txt`](/proposals/265-load-balancing-with-overhead.txt): Load Balancing with Overhead Parameters \[OPEN\] +* [`266-removing-current-obsolete-clients.txt`](/proposals/266-removing-current-obsolete-clients.txt): Removing current obsolete clients from the Tor network \[SUPERSEDED\] +* [`267-tor-consensus-transparency.txt`](/proposals/267-tor-consensus-transparency.txt): Tor Consensus Transparency \[OPEN\] +* [`268-guard-selection.txt`](/proposals/268-guard-selection.txt): New Guard Selection Behaviour \[OBSOLETE\] +* [`269-hybrid-handshake.txt`](/proposals/269-hybrid-handshake.txt): Transitionally secure hybrid handshakes \[NEEDS-REVISION\] +* [`270-newhope-hybrid-handshake.txt`](/proposals/270-newhope-hybrid-handshake.txt): RebelAlliance: A Post-Quantum Secure Hybrid Handshake Based on NewHope \[OBSOLETE\] +* [`271-another-guard-selection.txt`](/proposals/271-another-guard-selection.txt): Another algorithm for guard selection \[CLOSED\] +* [`272-valid-and-running-by-default.txt`](/proposals/272-valid-and-running-by-default.txt): Listed routers should be Valid, Running, and treated as such \[CLOSED\] +* [`273-exit-relay-pinning.txt`](/proposals/273-exit-relay-pinning.txt): Exit relay pinning for web services \[RESERVE\] +* [`274-rotate-onion-keys-less.txt`](/proposals/274-rotate-onion-keys-less.txt): Rotate onion keys less frequently \[CLOSED\] +* [`275-md-published-time-is-silly.txt`](/proposals/275-md-published-time-is-silly.txt): Stop including meaningful "published" time in microdescriptor consensus \[CLOSED\] +* [`276-lower-bw-granularity.txt`](/proposals/276-lower-bw-granularity.txt): Report bandwidth with lower granularity in consensus documents \[DEAD\] +* [`277-detect-id-sharing.txt`](/proposals/277-detect-id-sharing.txt): Detect multiple relay instances running with same ID \[OPEN\] +* [`278-directory-compression-scheme-negotiation.txt`](/proposals/278-directory-compression-scheme-negotiation.txt): Directory Compression Scheme Negotiation \[CLOSED\] +* [`279-naming-layer-api.txt`](/proposals/279-naming-layer-api.txt): A Name System API for Tor Onion Services \[NEEDS-REVISION\] +* [`280-privcount-in-tor.txt`](/proposals/280-privcount-in-tor.txt): Privacy-Preserving Statistics with Privcount in Tor \[SUPERSEDED\] +* [`281-bulk-md-download.txt`](/proposals/281-bulk-md-download.txt): Downloading microdescriptors in bulk \[RESERVE\] +* [`282-remove-named-from-consensus.txt`](/proposals/282-remove-named-from-consensus.txt): Remove "Named" and "Unnamed" handling from consensus voting \[ACCEPTED\] +* [`283-ipv6-in-micro-consensus.txt`](/proposals/283-ipv6-in-micro-consensus.txt): Move IPv6 ORPorts from microdescriptors to the microdesc consensus \[CLOSED\] +* [`284-hsv3-control-port.txt`](/proposals/284-hsv3-control-port.txt): Hidden Service v3 Control Port \[CLOSED\] +* [`285-utf-8.txt`](/proposals/285-utf-8.txt): Directory documents should be standardized as UTF-8 \[ACCEPTED\] +* [`286-hibernation-api.txt`](/proposals/286-hibernation-api.txt): Controller APIs for hibernation access on mobile \[REJECTED\] +* [`287-reduce-lifetime.txt`](/proposals/287-reduce-lifetime.txt): Reduce circuit lifetime without overloading the network \[OPEN\] +* [`288-privcount-with-shamir.txt`](/proposals/288-privcount-with-shamir.txt): Privacy-Preserving Statistics with Privcount in Tor (Shamir version) \[RESERVE\] +* [`289-authenticated-sendmes.txt`](/proposals/289-authenticated-sendmes.txt): Authenticating sendme cells to mitigate bandwidth attacks \[CLOSED\] +* [`290-deprecate-consensus-methods.txt`](/proposals/290-deprecate-consensus-methods.txt): Continuously update consensus methods \[META\] +* [`291-two-guard-nodes.txt`](/proposals/291-two-guard-nodes.txt): The move to two guard nodes \[FINISHED\] +* [`292-mesh-vanguards.txt`](/proposals/292-mesh-vanguards.txt): Mesh-based vanguards \[CLOSED\] +* [`293-know-when-to-publish.txt`](/proposals/293-know-when-to-publish.txt): Other ways for relays to know when to publish \[CLOSED\] +* [`294-tls-1.3.txt`](/proposals/294-tls-1.3.txt): TLS 1.3 Migration \[DRAFT\] +* [`295-relay-crypto-with-adl.txt`](/proposals/295-relay-crypto-with-adl.txt): Using ADL for relay cryptography (solving the crypto-tagging attack) \[OPEN\] +* [`296-expose-bandwidth-files.txt`](/proposals/296-expose-bandwidth-files.txt): Have Directory Authorities expose raw bandwidth list files \[CLOSED\] +* [`297-safer-protover-shutdowns.txt`](/proposals/297-safer-protover-shutdowns.txt): Relaxing the protover-based shutdown rules \[CLOSED\] +* [`298-canonical-families.txt`](/proposals/298-canonical-families.txt): Putting family lines in canonical form \[CLOSED\] +* [`299-ip-failure-count.txt`](/proposals/299-ip-failure-count.txt): Preferring IPv4 or IPv6 based on IP Version Failure Count \[SUPERSEDED\] +* [`300-walking-onions.txt`](/proposals/300-walking-onions.txt): Walking Onions: Scaling and Saving Bandwidth \[INFORMATIONAL\] +* [`301-dont-vote-on-package-fingerprints.txt`](/proposals/301-dont-vote-on-package-fingerprints.txt): Don't include package fingerprints in consensus documents \[CLOSED\] +* [`302-padding-machines-for-onion-clients.txt`](/proposals/302-padding-machines-for-onion-clients.txt): Hiding onion service clients using padding \[CLOSED\] +* [`303-protover-removal-policy.txt`](/proposals/303-protover-removal-policy.txt): When and how to remove support for protocol versions \[OPEN\] +* [`304-socks5-extending-hs-error-codes.txt`](/proposals/304-socks5-extending-hs-error-codes.txt): Extending SOCKS5 Onion Service Error Codes \[CLOSED\] +* [`305-establish-intro-dos-defense-extention.txt`](/proposals/305-establish-intro-dos-defense-extention.txt): ESTABLISH_INTRO Cell DoS Defense Extension \[CLOSED\] +* [`306-ipv6-happy-eyeballs.txt`](/proposals/306-ipv6-happy-eyeballs.txt): A Tor Implementation of IPv6 Happy Eyeballs \[OPEN\] +* [`307-onionbalance-v3.txt`](/proposals/307-onionbalance-v3.txt): Onion Balance Support for Onion Service v3 \[RESERVE\] +* [`308-counter-galois-onion.txt`](/proposals/308-counter-galois-onion.txt): Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography \[SUPERSEDED\] +* [`309-optimistic-socks-in-tor.txt`](/proposals/309-optimistic-socks-in-tor.txt): Optimistic SOCKS Data \[OPEN\] +* [`310-bandaid-on-guard-selection.txt`](/proposals/310-bandaid-on-guard-selection.txt): Towards load-balancing in Prop 271 \[CLOSED\] +* [`311-relay-ipv6-reachability.txt`](/proposals/311-relay-ipv6-reachability.txt): Tor Relay IPv6 Reachability \[ACCEPTED\] +* [`312-relay-auto-ipv6-addr.txt`](/proposals/312-relay-auto-ipv6-addr.txt): Tor Relay Automatic IPv6 Address Discovery \[ACCEPTED\] +* [`313-relay-ipv6-stats.txt`](/proposals/313-relay-ipv6-stats.txt): Tor Relay IPv6 Statistics \[ACCEPTED\] +* [`314-allow-markdown-proposals.md`](/proposals/314-allow-markdown-proposals.md): Allow Markdown for proposal format \[CLOSED\] +* [`315-update-dir-required-fields.txt`](/proposals/315-update-dir-required-fields.txt): Updating the list of fields required in directory documents \[CLOSED\] +* [`316-flashflow.md`](/proposals/316-flashflow.md): FlashFlow: A Secure Speed Test for Tor (Parent Proposal) \[DRAFT\] +* [`317-secure-dns-name-resolution.txt`](/proposals/317-secure-dns-name-resolution.txt): Improve security aspects of DNS name resolution \[NEEDS-REVISION\] +* [`318-limit-protovers.md`](/proposals/318-limit-protovers.md): Limit protover values to 0-63 \[CLOSED\] +* [`319-wide-everything.md`](/proposals/319-wide-everything.md): RELAY_FRAGMENT cells \[OBSOLETE\] +* [`320-tap-out-again.md`](/proposals/320-tap-out-again.md): Removing TAP usage from v2 onion services \[REJECTED\] +* [`321-happy-families.md`](/proposals/321-happy-families.md): Better performance and usability for the MyFamily option (v2) \[ACCEPTED\] +* [`322-dirport-linkspec.md`](/proposals/322-dirport-linkspec.md): Extending link specifiers to include the directory port \[OPEN\] +* [`323-walking-onions-full.md`](/proposals/323-walking-onions-full.md): Specification for Walking Onions \[OPEN\] +* [`324-rtt-congestion-control.txt`](/proposals/324-rtt-congestion-control.txt): RTT-based Congestion Control for Tor \[FINISHED\] +* [`325-packed-relay-cells.md`](/proposals/325-packed-relay-cells.md): Packed relay cells: saving space on small commands \[OBSOLETE\] +* [`326-tor-relay-well-known-uri-rfc8615.md`](/proposals/326-tor-relay-well-known-uri-rfc8615.md): The "tor-relay" Well-Known Resource Identifier \[OPEN\] +* [`327-pow-over-intro.txt`](/proposals/327-pow-over-intro.txt): A First Take at PoW Over Introduction Circuits \[FINISHED\] +* [`328-relay-overload-report.md`](/proposals/328-relay-overload-report.md): Make Relays Report When They Are Overloaded \[CLOSED\] +* [`329-traffic-splitting.txt`](/proposals/329-traffic-splitting.txt): Overcoming Tor's Bottlenecks with Traffic Splitting \[FINISHED\] +* [`330-authority-contact.md`](/proposals/330-authority-contact.md): Modernizing authority contact entries \[OPEN\] +* [`331-res-tokens-for-anti-dos.md`](/proposals/331-res-tokens-for-anti-dos.md): Res tokens: Anonymous Credentials for Onion Service DoS Resilience \[DRAFT\] +* [`332-ntor-v3-with-extra-data.md`](/proposals/332-ntor-v3-with-extra-data.md): Ntor protocol with extra data, version 3 \[CLOSED\] +* [`333-vanguards-lite.md`](/proposals/333-vanguards-lite.md): Vanguards lite \[CLOSED\] +* [`334-middle-only-flag.txt`](/proposals/334-middle-only-flag.txt): A Directory Authority Flag To Mark Relays As Middle-only \[SUPERSEDED\] +* [`335-middle-only-redux.md`](/proposals/335-middle-only-redux.md): An authority-only design for MiddleOnly \[CLOSED\] +* [`336-randomize-guard-retries.md`](/proposals/336-randomize-guard-retries.md): Randomized schedule for guard retries \[CLOSED\] +* [`337-simpler-guard-usability.md`](/proposals/337-simpler-guard-usability.md): A simpler way to decide, "Is this guard usable?" \[CLOSED\] +* [`338-netinfo-y2038.md`](/proposals/338-netinfo-y2038.md): Use an 8-byte timestamp in NETINFO cells \[ACCEPTED\] +* [`339-udp-over-tor.md`](/proposals/339-udp-over-tor.md): UDP traffic over Tor \[ACCEPTED\] +* [`340-packed-and-fragmented.md`](/proposals/340-packed-and-fragmented.md): Packed and fragmented relay messages \[OPEN\] +* [`341-better-oos.md`](/proposals/341-better-oos.md): A better algorithm for out-of-sockets eviction \[OPEN\] +* [`342-decouple-hs-interval.md`](/proposals/342-decouple-hs-interval.md): Decoupling hs_interval and SRV lifetime \[DRAFT\] +* [`343-rend-caa.txt`](/proposals/343-rend-caa.txt): CAA Extensions for the Tor Rendezvous Specification \[OPEN\] +* [`344-protocol-info-leaks.txt`](/proposals/344-protocol-info-leaks.txt): Prioritizing Protocol Information Leaks in Tor \[OPEN\] +* [`345-specs-in-mdbook.md`](/proposals/345-specs-in-mdbook.md): Migrating the tor specifications to mdbook \[CLOSED\] +* [`346-protovers-again.md`](/proposals/346-protovers-again.md): Clarifying and extending the use of protocol versioning \[OPEN\] +* [`347-domain-separation.md`](/proposals/347-domain-separation.md): Domain separation for certificate signing keys \[OPEN\] diff --git a/proposals/BY_STATUS.md b/proposals/BY_STATUS.md index 865fac0..0c614ac 100644 --- a/proposals/BY_STATUS.md +++ b/proposals/BY_STATUS.md @@ -313,56 +313,56 @@ DEAD), the proposal has been considered and not adopted (the proposal is REJECTED), or the proposal addresses an issue or a solution that is no longer relevant (the proposal is OBSOLETE). -* [`098-todo.txt`](/proposals/098-todo.txt): Proposals that should be written [OBSOLETE] -* [`099-misc.txt`](/proposals/099-misc.txt): Miscellaneous proposals [OBSOLETE] -* [`100-tor-spec-udp.txt`](/proposals/100-tor-spec-udp.txt): Tor Unreliable Datagram Extension Proposal [DEAD] -* [`115-two-hop-paths.txt`](/proposals/115-two-hop-paths.txt): Two Hop Paths [DEAD] -* [`116-two-hop-paths-from-guard.txt`](/proposals/116-two-hop-paths-from-guard.txt): Two hop paths from entry guards [DEAD] -* [`120-shutdown-descriptors.txt`](/proposals/120-shutdown-descriptors.txt): Shutdown descriptors when Tor servers stop [DEAD] -* [`127-dirport-mirrors-downloads.txt`](/proposals/127-dirport-mirrors-downloads.txt): Relaying dirport requests to Tor download site / website [OBSOLETE] -* [`128-bridge-families.txt`](/proposals/128-bridge-families.txt): Families of private bridges [DEAD] -* [`131-verify-tor-usage.txt`](/proposals/131-verify-tor-usage.txt): Help users to verify they are using Tor [OBSOLETE] -* [`132-browser-check-tor-service.txt`](/proposals/132-browser-check-tor-service.txt): A Tor Web Service For Verifying Correct Browser Configuration [OBSOLETE] -* [`134-robust-voting.txt`](/proposals/134-robust-voting.txt): More robust consensus voting with diverse authority sets [REJECTED] -* [`141-jit-sd-downloads.txt`](/proposals/141-jit-sd-downloads.txt): Download server descriptors on demand [OBSOLETE] -* [`142-combine-intro-and-rend-points.txt`](/proposals/142-combine-intro-and-rend-points.txt): Combine Introduction and Rendezvous Points [DEAD] -* [`144-enforce-distinct-providers.txt`](/proposals/144-enforce-distinct-providers.txt): Increase the diversity of circuits by detecting nodes belonging the same provider [OBSOLETE] -* [`147-prevoting-opinions.txt`](/proposals/147-prevoting-opinions.txt): Eliminate the need for v2 directories in generating v3 directories [REJECTED] -* [`164-reporting-server-status.txt`](/proposals/164-reporting-server-status.txt): Reporting the status of server votes [OBSOLETE] -* [`165-simple-robust-voting.txt`](/proposals/165-simple-robust-voting.txt): Easy migration for voting authority sets [REJECTED] -* [`168-reduce-circwindow.txt`](/proposals/168-reduce-circwindow.txt): Reduce default circuit window [REJECTED] -* [`173-getinfo-option-expansion.txt`](/proposals/173-getinfo-option-expansion.txt): GETINFO Option Expansion [OBSOLETE] -* [`175-automatic-node-promotion.txt`](/proposals/175-automatic-node-promotion.txt): Automatically promoting Tor clients to nodes [REJECTED] -* [`182-creditbucket.txt`](/proposals/182-creditbucket.txt): Credit Bucket [OBSOLETE] -* [`189-authorize-cell.txt`](/proposals/189-authorize-cell.txt): AUTHORIZE and AUTHORIZED cells [OBSOLETE] -* [`190-shared-secret-bridge-authorization.txt`](/proposals/190-shared-secret-bridge-authorization.txt): Bridge Client Authorization Based on a Shared Secret [OBSOLETE] -* [`191-mitm-bridge-detection-resistance.txt`](/proposals/191-mitm-bridge-detection-resistance.txt): Bridge Detection Resistance against MITM-capable Adversaries [OBSOLETE] -* [`192-store-bridge-information.txt`](/proposals/192-store-bridge-information.txt): Automatically retrieve and store information about bridges [OBSOLETE] -* [`195-TLS-normalization-for-024.txt`](/proposals/195-TLS-normalization-for-024.txt): TLS certificate normalization for Tor 0.2.4.x [DEAD] -* [`197-postmessage-ipc.txt`](/proposals/197-postmessage-ipc.txt): Message-based Inter-Controller IPC Channel [REJECTED] -* [`199-bridgefinder-integration.txt`](/proposals/199-bridgefinder-integration.txt): Integration of BridgeFinder and BridgeFinderHelper [OBSOLETE] -* [`203-https-frontend.txt`](/proposals/203-https-frontend.txt): Avoiding censorship by impersonating an HTTPS server [OBSOLETE] -* [`209-path-bias-tuning.txt`](/proposals/209-path-bias-tuning.txt): Tuning the Parameters for the Path Bias Defense [OBSOLETE] -* [`213-remove-stream-sendmes.txt`](/proposals/213-remove-stream-sendmes.txt): Remove stream-level sendmes from the design [DEAD] -* [`229-further-socks5-extensions.txt`](/proposals/229-further-socks5-extensions.txt): Further SOCKS5 extensions [REJECTED] -* [`230-rsa1024-relay-id-migration.txt`](/proposals/230-rsa1024-relay-id-migration.txt): How to change RSA1024 relay identity keys [OBSOLETE] -* [`231-migrate-authority-rsa1024-ids.txt`](/proposals/231-migrate-authority-rsa1024-ids.txt): Migrating authority RSA1024 identity keys [OBSOLETE] -* [`233-quicken-tor2web-mode.txt`](/proposals/233-quicken-tor2web-mode.txt): Making Tor2Web mode faster [REJECTED] -* [`234-remittance-addresses.txt`](/proposals/234-remittance-addresses.txt): Adding remittance field to directory specification [REJECTED] -* [`241-suspicious-guard-turnover.txt`](/proposals/241-suspicious-guard-turnover.txt): Resisting guard-turnover attacks [REJECTED] -* [`246-merge-hsdir-and-intro.txt`](/proposals/246-merge-hsdir-and-intro.txt): Merging Hidden Service Directories and Introduction Points [REJECTED] -* [`253-oob-hmac.txt`](/proposals/253-oob-hmac.txt): Out of Band Circuit HMACs [DEAD] -* [`258-dirauth-dos.txt`](/proposals/258-dirauth-dos.txt): Denial-of-service resistance for directory authorities [DEAD] -* [`259-guard-selection.txt`](/proposals/259-guard-selection.txt): New Guard Selection Behaviour [OBSOLETE] -* [`261-aez-crypto.txt`](/proposals/261-aez-crypto.txt): AEZ for relay cryptography [OBSOLETE] -* [`263-ntru-for-pq-handshake.txt`](/proposals/263-ntru-for-pq-handshake.txt): Request to change key exchange protocol for handshake v1.2 [OBSOLETE] -* [`268-guard-selection.txt`](/proposals/268-guard-selection.txt): New Guard Selection Behaviour [OBSOLETE] -* [`270-newhope-hybrid-handshake.txt`](/proposals/270-newhope-hybrid-handshake.txt): RebelAlliance: A Post-Quantum Secure Hybrid Handshake Based on NewHope [OBSOLETE] -* [`276-lower-bw-granularity.txt`](/proposals/276-lower-bw-granularity.txt): Report bandwidth with lower granularity in consensus documents [DEAD] -* [`286-hibernation-api.txt`](/proposals/286-hibernation-api.txt): Controller APIs for hibernation access on mobile [REJECTED] -* [`319-wide-everything.md`](/proposals/319-wide-everything.md): RELAY_FRAGMENT cells [OBSOLETE] -* [`320-tap-out-again.md`](/proposals/320-tap-out-again.md): Removing TAP usage from v2 onion services [REJECTED] -* [`325-packed-relay-cells.md`](/proposals/325-packed-relay-cells.md): Packed relay cells: saving space on small commands [OBSOLETE] +* [`098-todo.txt`](/proposals/098-todo.txt): Proposals that should be written \[OBSOLETE\] +* [`099-misc.txt`](/proposals/099-misc.txt): Miscellaneous proposals \[OBSOLETE\] +* [`100-tor-spec-udp.txt`](/proposals/100-tor-spec-udp.txt): Tor Unreliable Datagram Extension Proposal \[DEAD\] +* [`115-two-hop-paths.txt`](/proposals/115-two-hop-paths.txt): Two Hop Paths \[DEAD\] +* [`116-two-hop-paths-from-guard.txt`](/proposals/116-two-hop-paths-from-guard.txt): Two hop paths from entry guards \[DEAD\] +* [`120-shutdown-descriptors.txt`](/proposals/120-shutdown-descriptors.txt): Shutdown descriptors when Tor servers stop \[DEAD\] +* [`127-dirport-mirrors-downloads.txt`](/proposals/127-dirport-mirrors-downloads.txt): Relaying dirport requests to Tor download site / website \[OBSOLETE\] +* [`128-bridge-families.txt`](/proposals/128-bridge-families.txt): Families of private bridges \[DEAD\] +* [`131-verify-tor-usage.txt`](/proposals/131-verify-tor-usage.txt): Help users to verify they are using Tor \[OBSOLETE\] +* [`132-browser-check-tor-service.txt`](/proposals/132-browser-check-tor-service.txt): A Tor Web Service For Verifying Correct Browser Configuration \[OBSOLETE\] +* [`134-robust-voting.txt`](/proposals/134-robust-voting.txt): More robust consensus voting with diverse authority sets \[REJECTED\] +* [`141-jit-sd-downloads.txt`](/proposals/141-jit-sd-downloads.txt): Download server descriptors on demand \[OBSOLETE\] +* [`142-combine-intro-and-rend-points.txt`](/proposals/142-combine-intro-and-rend-points.txt): Combine Introduction and Rendezvous Points \[DEAD\] +* [`144-enforce-distinct-providers.txt`](/proposals/144-enforce-distinct-providers.txt): Increase the diversity of circuits by detecting nodes belonging the same provider \[OBSOLETE\] +* [`147-prevoting-opinions.txt`](/proposals/147-prevoting-opinions.txt): Eliminate the need for v2 directories in generating v3 directories \[REJECTED\] +* [`164-reporting-server-status.txt`](/proposals/164-reporting-server-status.txt): Reporting the status of server votes \[OBSOLETE\] +* [`165-simple-robust-voting.txt`](/proposals/165-simple-robust-voting.txt): Easy migration for voting authority sets \[REJECTED\] +* [`168-reduce-circwindow.txt`](/proposals/168-reduce-circwindow.txt): Reduce default circuit window \[REJECTED\] +* [`173-getinfo-option-expansion.txt`](/proposals/173-getinfo-option-expansion.txt): GETINFO Option Expansion \[OBSOLETE\] +* [`175-automatic-node-promotion.txt`](/proposals/175-automatic-node-promotion.txt): Automatically promoting Tor clients to nodes \[REJECTED\] +* [`182-creditbucket.txt`](/proposals/182-creditbucket.txt): Credit Bucket \[OBSOLETE\] +* [`189-authorize-cell.txt`](/proposals/189-authorize-cell.txt): AUTHORIZE and AUTHORIZED cells \[OBSOLETE\] +* [`190-shared-secret-bridge-authorization.txt`](/proposals/190-shared-secret-bridge-authorization.txt): Bridge Client Authorization Based on a Shared Secret \[OBSOLETE\] +* [`191-mitm-bridge-detection-resistance.txt`](/proposals/191-mitm-bridge-detection-resistance.txt): Bridge Detection Resistance against MITM-capable Adversaries \[OBSOLETE\] +* [`192-store-bridge-information.txt`](/proposals/192-store-bridge-information.txt): Automatically retrieve and store information about bridges \[OBSOLETE\] +* [`195-TLS-normalization-for-024.txt`](/proposals/195-TLS-normalization-for-024.txt): TLS certificate normalization for Tor 0.2.4.x \[DEAD\] +* [`197-postmessage-ipc.txt`](/proposals/197-postmessage-ipc.txt): Message-based Inter-Controller IPC Channel \[REJECTED\] +* [`199-bridgefinder-integration.txt`](/proposals/199-bridgefinder-integration.txt): Integration of BridgeFinder and BridgeFinderHelper \[OBSOLETE\] +* [`203-https-frontend.txt`](/proposals/203-https-frontend.txt): Avoiding censorship by impersonating an HTTPS server \[OBSOLETE\] +* [`209-path-bias-tuning.txt`](/proposals/209-path-bias-tuning.txt): Tuning the Parameters for the Path Bias Defense \[OBSOLETE\] +* [`213-remove-stream-sendmes.txt`](/proposals/213-remove-stream-sendmes.txt): Remove stream-level sendmes from the design \[DEAD\] +* [`229-further-socks5-extensions.txt`](/proposals/229-further-socks5-extensions.txt): Further SOCKS5 extensions \[REJECTED\] +* [`230-rsa1024-relay-id-migration.txt`](/proposals/230-rsa1024-relay-id-migration.txt): How to change RSA1024 relay identity keys \[OBSOLETE\] +* [`231-migrate-authority-rsa1024-ids.txt`](/proposals/231-migrate-authority-rsa1024-ids.txt): Migrating authority RSA1024 identity keys \[OBSOLETE\] +* [`233-quicken-tor2web-mode.txt`](/proposals/233-quicken-tor2web-mode.txt): Making Tor2Web mode faster \[REJECTED\] +* [`234-remittance-addresses.txt`](/proposals/234-remittance-addresses.txt): Adding remittance field to directory specification \[REJECTED\] +* [`241-suspicious-guard-turnover.txt`](/proposals/241-suspicious-guard-turnover.txt): Resisting guard-turnover attacks \[REJECTED\] +* [`246-merge-hsdir-and-intro.txt`](/proposals/246-merge-hsdir-and-intro.txt): Merging Hidden Service Directories and Introduction Points \[REJECTED\] +* [`253-oob-hmac.txt`](/proposals/253-oob-hmac.txt): Out of Band Circuit HMACs \[DEAD\] +* [`258-dirauth-dos.txt`](/proposals/258-dirauth-dos.txt): Denial-of-service resistance for directory authorities \[DEAD\] +* [`259-guard-selection.txt`](/proposals/259-guard-selection.txt): New Guard Selection Behaviour \[OBSOLETE\] +* [`261-aez-crypto.txt`](/proposals/261-aez-crypto.txt): AEZ for relay cryptography \[OBSOLETE\] +* [`263-ntru-for-pq-handshake.txt`](/proposals/263-ntru-for-pq-handshake.txt): Request to change key exchange protocol for handshake v1.2 \[OBSOLETE\] +* [`268-guard-selection.txt`](/proposals/268-guard-selection.txt): New Guard Selection Behaviour \[OBSOLETE\] +* [`270-newhope-hybrid-handshake.txt`](/proposals/270-newhope-hybrid-handshake.txt): RebelAlliance: A Post-Quantum Secure Hybrid Handshake Based on NewHope \[OBSOLETE\] +* [`276-lower-bw-granularity.txt`](/proposals/276-lower-bw-granularity.txt): Report bandwidth with lower granularity in consensus documents \[DEAD\] +* [`286-hibernation-api.txt`](/proposals/286-hibernation-api.txt): Controller APIs for hibernation access on mobile \[REJECTED\] +* [`319-wide-everything.md`](/proposals/319-wide-everything.md): RELAY_FRAGMENT cells \[OBSOLETE\] +* [`320-tap-out-again.md`](/proposals/320-tap-out-again.md): Removing TAP usage from v2 onion services \[REJECTED\] +* [`325-packed-relay-cells.md`](/proposals/325-packed-relay-cells.md): Packed relay cells: saving space on small commands \[OBSOLETE\] -- cgit v1.2.3-54-g00ecf From 601ecfe41ebd10e69f3fdecc85febdc75581f0ff Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 12:58:38 -0600 Subject: Fix missing links --- proposals/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/proposals/README.md b/proposals/README.md index d7b662e..abaeebf 100644 --- a/proposals/README.md +++ b/proposals/README.md @@ -8,10 +8,10 @@ others are under active discussion. If you're looking for a specific proposal, you can find it, by filename, in the summary bar on the left, or at [this index](./BY_INDEX.md). You can also see a list of Tor protocols -by their status at [`README.md`]. +by their status at [`BY_STATUS.md`](./BY_STATUS.md). For information on creating a new proposal, you would ideally look at -[`001-process.txt`]. That file is a bit out-of-date, though, and you +[`001-process.txt`](./001-process.txt). That file is a bit out-of-date, though, and you should probably just contact the developers. * Back to the Tor specifications -- cgit v1.2.3-54-g00ecf From f275aa9f638ddef1f83006260ac27c609a426a45 Mon Sep 17 00:00:00 2001 From: Jim Newsome Date: Thu, 9 Nov 2023 18:45:08 -0600 Subject: build_html: add some hints about build deps --- bin/build_html | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/bin/build_html b/bin/build_html index 0a3d7f6..67fc067 100755 --- a/bin/build_html +++ b/bin/build_html @@ -32,6 +32,7 @@ if test -n "${MMDC:-}" || command -v "mmdc" >&/dev/null; then # (The conversion involves npm and a headless chrome browser, # to it is understandable that not everybody would want to do it # this way.) + echo "Using mermaid-cli to pre-render mermaid diagrams" TMPDIR=$(mktemp -d "${TOPLEVEL}/tmp_mmdc.XXXXXXXX") trap 'rm -rf "$TMPDIR"' 0 @@ -47,6 +48,8 @@ elif test -n "${MDBOOK_MERMAID:-}" || command -v "mdbook-mermaid" >&/dev/null; t # This is much easier to run locally, but it requires that your # browser has enough client-side javascript in order to run # mermaid. It doesn't touch npm. + echo "Using mdbook-mermaid to set up dynamic rendering of mermaid diagrams" + MDBOOK_MERMAID=${MDBOOK_MERMAID:=mdbook-mermaid} TMPDIR=$(mktemp -d "${TOPLEVEL}/tmp_mdbook_mermaid.XXXXXXXX") trap 'rm -rf "$TMPDIR"' 0 @@ -60,10 +63,19 @@ else # # In this case we run mdbook on our inputs unchanged. # The mermaid blocks will render as code. + echo "No mermaid support found; mermaid diagrams will be unrendered" + MDBOOK_OUTPUT_DIR="" MDBOOK_DIR="$TOPLEVEL/mdbook" fi +# mdbook-linkcheck is a non-obvious dependency, and the mdbook output when it's +# not found doesn't spell out how to install it. +if ! command -v mdbook-linkcheck; then + echo 'ERROR: mdbook-linkcheck not found. You should probably install it with `cargo install mdbook-linkcheck`' + exit 1 +fi + $MDBOOK build "${MDBOOK_DIR}/spec" $MDBOOK build "${MDBOOK_DIR}/proposals" -- cgit v1.2.3-54-g00ecf