Filename: 000-index.txt Title: Index of Tor Proposals Author: Nick Mathewson Created: 26-Jan-2007 Status: Meta Overview: This document provides an index to Tor proposals. This is an informational document. Everything in this document below the line of '=' signs is automatically generated by reindex.py; do not edit by hand. ============================================================ Proposals by number: 000 Index of Tor Proposals [META] 001 The Tor Proposal Process [META] 098 Proposals that should be written [META] 099 Miscellaneous proposals [META] 100 Tor Unreliable Datagram Extension Proposal [DEAD] 101 Voting on the Tor Directory System [CLOSED] 102 Dropping "opt" from the directory format [CLOSED] 103 Splitting identity key from regularly used signing key [CLOSED] 104 Long and Short Router Descriptors [CLOSED] 105 Version negotiation for the Tor protocol [CLOSED] 106 Checking fewer things during TLS handshakes [CLOSED] 107 Uptime Sanity Checking [CLOSED] 108 Base "Stable" Flag on Mean Time Between Failures [CLOSED] 109 No more than one server per IP address [CLOSED] 110 Avoiding infinite length circuits [CLOSED] 111 Prioritizing local traffic over relayed traffic [CLOSED] 112 Bring Back Pathlen Coin Weight [SUPERSEDED] 113 Simplifying directory authority administration [SUPERSEDED] 114 Distributed Storage for Tor Hidden Service Descriptors [CLOSED] 115 Two Hop Paths [DEAD] 116 Two hop paths from entry guards [DEAD] 117 IPv6 exits [CLOSED] 118 Advertising multiple ORPorts at once [SUPERSEDED] 119 New PROTOCOLINFO command for controllers [CLOSED] 120 Shutdown descriptors when Tor servers stop [DEAD] 121 Hidden Service Authentication [FINISHED] 122 Network status entries need a new Unnamed flag [CLOSED] 123 Naming authorities automatically create bindings [CLOSED] 124 Blocking resistant TLS certificate usage [SUPERSEDED] 125 Behavior for bridge users, bridge relays, and bridge authorities [CLOSED] 126 Getting GeoIP data and publishing usage summaries [CLOSED] 127 Relaying dirport requests to Tor download site / website [OBSOLETE] 128 Families of private bridges [DEAD] 129 Block Insecure Protocols by Default [CLOSED] 130 Version 2 Tor connection protocol [CLOSED] 131 Help users to verify they are using Tor [OBSOLETE] 132 A Tor Web Service For Verifying Correct Browser Configuration [OBSOLETE] 133 Incorporate Unreachable ORs into the Tor Network [RESERVE] 134 More robust consensus voting with diverse authority sets [REJECTED] 135 Simplify Configuration of Private Tor Networks [CLOSED] 136 Mass authority migration with legacy keys [CLOSED] 137 Keep controllers informed as Tor bootstraps [CLOSED] 138 Remove routers that are not Running from consensus documents [CLOSED] 139 Download consensus documents only when it will be trusted [CLOSED] 140 Provide diffs between consensuses [ACCEPTED] 141 Download server descriptors on demand [OBSOLETE] 142 Combine Introduction and Rendezvous Points [DEAD] 143 Improvements of Distributed Storage for Tor Hidden Service Descriptors [SUPERSEDED] 144 Increase the diversity of circuits by detecting nodes belonging the same provider [OBSOLETE] 145 Separate "suitable as a guard" from "suitable as a new guard" [SUPERSEDED] 146 Add new flag to reflect long-term stability [SUPERSEDED] 147 Eliminate the need for v2 directories in generating v3 directories [REJECTED] 148 Stream end reasons from the client side should be uniform [CLOSED] 149 Using data from NETINFO cells [SUPERSEDED] 150 Exclude Exit Nodes from a circuit [CLOSED] 151 Improving Tor Path Selection [FINISHED] 152 Optionally allow exit from single-hop circuits [CLOSED] 153 Automatic software update protocol [SUPERSEDED] 154 Automatic Software Update Protocol [SUPERSEDED] 155 Four Improvements of Hidden Service Performance [FINISHED] 156 Tracking blocked ports on the client side [SUPERSEDED] 157 Make certificate downloads specific [CLOSED] 158 Clients download consensus + microdescriptors [FINISHED] 159 Exit Scanning [INFORMATIONAL] 160 Authorities vote for bandwidth offsets in consensus [FINISHED] 161 Computing Bandwidth Adjustments [FINISHED] 162 Publish the consensus in multiple flavors [FINISHED] 163 Detecting whether a connection comes from a client [SUPERSEDED] 164 Reporting the status of server votes [OPEN] 165 Easy migration for voting authority sets [OPEN] 166 Including Network Statistics in Extra-Info Documents [CLOSED] 167 Vote on network parameters in consensus [CLOSED] 168 Reduce default circuit window [OPEN] 169 Eliminate TLS renegotiation for the Tor connection handshake [SUPERSEDED] 170 Configuration options regarding circuit building [SUPERSEDED] 171 Separate streams across circuits by connection metadata [CLOSED] 172 GETINFO controller option for circuit information [ACCEPTED] 173 GETINFO Option Expansion [ACCEPTED] 174 Optimistic Data for Tor: Server Side [CLOSED] 175 Automatically promoting Tor clients to nodes [REJECTED] 176 Proposed version-3 link handshake for Tor [CLOSED] 177 Abstaining from votes on individual flags [OPEN] 178 Require majority of authorities to vote for consensus parameters [CLOSED] 179 TLS certificate and parameter normalization [CLOSED] 180 Pluggable transports for circumvention [CLOSED] 181 Optimistic Data for Tor: Client Side [CLOSED] 182 Credit Bucket [OPEN] 183 Refill Intervals [CLOSED] 184 Miscellaneous changes for a v3 Tor link protocol [CLOSED] 185 Directory caches without DirPort [SUPERSEDED] 186 Multiple addresses for one OR or bridge [CLOSED] 187 Reserve a cell type to allow client authorization [CLOSED] 188 Bridge Guards and other anti-enumeration defenses [ACCEPTED] 189 AUTHORIZE and AUTHORIZED cells [OPEN] 190 Bridge Client Authorization Based on a Shared Secret [NEEDS-REVISION] 191 Bridge Detection Resistance against MITM-capable Adversaries [OPEN] 192 Automatically retrieve and store information about bridges [OPEN] 193 Safe cookie authentication for Tor controllers [CLOSED] 194 Mnemonic .onion URLs [SUPERSEDED] 195 TLS certificate normalization for Tor 0.2.4.x [DRAFT] 196 Extended ORPort and TransportControlPort [FINISHED] 197 Message-based Inter-Controller IPC Channel [REJECTED] 198 Restore semantics of TLS ClientHello [CLOSED] 199 Integration of BridgeFinder and BridgeFinderHelper [OBSOLETE] 200 Adding new, extensible CREATE, EXTEND, and related cells [CLOSED] 201 Make bridges report statistics on daily v3 network status requests [OPEN] 202 Two improved relay encryption protocols for Tor cells [OPEN] 203 Avoiding censorship by impersonating an HTTPS server [DRAFT] 204 Subdomain support for Hidden Service addresses [FINISHED] 205 Remove global client-side DNS caching [CLOSED] 206 Preconfigured directory sources for bootstrapping [CLOSED] 207 Directory guards [CLOSED] 208 IPv6 Exits Redux [CLOSED] 209 Tuning the Parameters for the Path Bias Defense [OPEN] 210 Faster Headless Consensus Bootstrapping [OPEN] 211 Internal Mapaddress for Tor Configuration Testing [RESERVE] 212 Increase Acceptable Consensus Age [OPEN] 213 Remove stream-level sendmes from the design [DEAD] 214 Allow 4-byte circuit IDs in a new link protocol [CLOSED] 215 Let the minimum consensus method change with time [CLOSED] 216 Improved circuit-creation key exchange [CLOSED] 217 Tor Extended ORPort Authentication [FINISHED] 218 Controller events to better understand connection/circuit usage [CLOSED] 219 Support for full DNS and DNSSEC resolution in Tor [OPEN] 220 Migrate server identity keys to Ed25519 [ACCEPTED] 221 Stop using CREATE_FAST [CLOSED] 222 Stop sending client timestamps [CLOSED] 223 Ace: Improved circuit-creation key exchange [RESERVE] 224 Next-Generation Hidden Services in Tor [OPEN] 225 Strawman proposal: commit-and-reveal shared rng [SUPERSEDED] 226 "Scalability and Stability Improvements to BridgeDB: Switching to a Distributed Database System and RDBMS" [OPEN] 227 Include package fingerprints in consensus documents [CLOSED] 228 Cross-certifying identity keys with onion keys [CLOSED] 229 Further SOCKS5 extensions [OPEN] 230 How to change RSA1024 relay identity keys [DRAFT] 231 Migrating authority RSA1024 identity keys [DRAFT] 232 Pluggable Transport through SOCKS proxy [FINISHED] 233 Making Tor2Web mode faster [OPEN] 234 Adding remittance field to directory specification [OPEN] 235 Stop assigning (and eventually supporting) the Named flag [FINISHED] 236 The move to a single guard node [OPEN] 237 All relays are directory servers [OPEN] 238 Better hidden service stats from Tor relays [CLOSED] 239 Consensus Hash Chaining [DRAFT] 240 Early signing key revocation for directory authorities [DRAFT] 241 Resisting guard-turnover attacks [REJECTED] 242 Better performance and usability for the MyFamily option [OPEN] 243 Give out HSDir flag only to relays with Stable flag [CLOSED] 244 Use RFC5705 Key Exporting in our AUTHENTICATE calls [ACCEPTED] 245 Deprecating and removing the TAP circuit extension protocol [DRAFT] 246 Merging Hidden Service Directories and Introduction Points [NEEDS-RESEARCH] 247 Defending Against Guard Discovery Attacks using Vanguards [DRAFT] 248 Remove all RSA identity keys [DRAFT] 249 Allow CREATE cells with >505 bytes of handshake data [DRAFT] 250 Random Number Generation During Tor Voting [CLOSED] 251 Padding for netflow record resolution reduction [DRAFT] 252 Single Onion Services [DRAFT] 253 Out of Band Circuit HMACs [DRAFT] 254 Padding Negotiation [DRAFT] 255 Controller features to allow for load-balancing hidden services [DRAFT] 256 Key revocation for relays and authorities [OPEN] 257 Refactoring authorities and making them more isolated from the net [META] 258 Denial-of-service resistance for directory authorities [ACCEPTED] 259 New Guard Selection Behaviour [OBSOLETE] 260 Rendezvous Single Onion Services [FINISHED] 261 AEZ for relay cryptography [OPEN] 262 Re-keying live circuits with new cryptographic material [OPEN] 263 Request to change key exchange protocol for handshake v1.2 [OBSOLETE] 264 Putting version numbers on the Tor subprotocols [CLOSED] 265 Load Balancing with Overhead Parameters [ACCEPTED] 266 Removing current obsolete clients from the Tor network [DRAFT] 267 Tor Consensus Transparency [DRAFT] 268 New Guard Selection Behaviour [OBSOLETE] 269 Transitionally secure hybrid handshakes [DRAFT] 270 RebelAlliance: A Post-Quantum Secure Hybrid Handshake Based on NewHope [DRAFT] 271 Another algorithm for guard selection [CLOSED] 272 Listed routers should be Valid, Running, and treated as such [FINISHED] 273 Exit relay pinning for web services [DRAFT] 274 Rotate onion keys less frequently [OPEN] 275 Stop including meaningful "published" time in microdescriptor consensus [OPEN] 276 Report bandwidth with lower granularity in consensus documents [OPEN] 277 Detect multiple relay instances running with same ID [OPEN] Proposals by status: DRAFT: 195 TLS certificate normalization for Tor 0.2.4.x [for 0.2.4.x] 203 Avoiding censorship by impersonating an HTTPS server 230 How to change RSA1024 relay identity keys [for 0.2.?] 231 Migrating authority RSA1024 identity keys [for 0.2.?] 239 Consensus Hash Chaining 240 Early signing key revocation for directory authorities 245 Deprecating and removing the TAP circuit extension protocol 247 Defending Against Guard Discovery Attacks using Vanguards 248 Remove all RSA identity keys 249 Allow CREATE cells with >505 bytes of handshake data 251 Padding for netflow record resolution reduction 252 Single Onion Services 253 Out of Band Circuit HMACs 254 Padding Negotiation 255 Controller features to allow for load-balancing hidden services 266 Removing current obsolete clients from the Tor network 267 Tor Consensus Transparency 269 Transitionally secure hybrid handshakes 270 RebelAlliance: A Post-Quantum Secure Hybrid Handshake Based on NewHope 273 Exit relay pinning for web services [for n/a] NEEDS-REVISION: 190 Bridge Client Authorization Based on a Shared Secret NEEDS-RESEARCH: 246 Merging Hidden Service Directories and Introduction Points OPEN: 164 Reporting the status of server votes 165 Easy migration for voting authority sets 168 Reduce default circuit window 177 Abstaining from votes on individual flags [for 0.2.4.x] 182 Credit Bucket 189 AUTHORIZE and AUTHORIZED cells 191 Bridge Detection Resistance against MITM-capable Adversaries 192 Automatically retrieve and store information about bridges [for 0.2.[45].x] 201 Make bridges report statistics on daily v3 network status requests [for 0.2.4.x] 202 Two improved relay encryption protocols for Tor cells 209 Tuning the Parameters for the Path Bias Defense [for 0.2.4.x+] 210 Faster Headless Consensus Bootstrapping [for 0.2.8.x+] 212 Increase Acceptable Consensus Age [for 0.2.4.x+] 219 Support for full DNS and DNSSEC resolution in Tor [for 0.2.5.x] 224 Next-Generation Hidden Services in Tor 226 "Scalability and Stability Improvements to BridgeDB: Switching to a Distributed Database System and RDBMS" 229 Further SOCKS5 extensions 233 Making Tor2Web mode faster 234 Adding remittance field to directory specification 236 The move to a single guard node 237 All relays are directory servers [for 0.2.7.x] 242 Better performance and usability for the MyFamily option 256 Key revocation for relays and authorities 261 AEZ for relay cryptography 262 Re-keying live circuits with new cryptographic material 274 Rotate onion keys less frequently [for 0.3.1.x-alpha] 275 Stop including meaningful "published" time in microdescriptor consensus [for 0.3.1.x-alpha] 276 Report bandwidth with lower granularity in consensus documents [for 0.3.1.x-alpha] 277 Detect multiple relay instances running with same ID [for 0.3.??] ACCEPTED: 140 Provide diffs between consensuses 172 GETINFO controller option for circuit information 173 GETINFO Option Expansion 188 Bridge Guards and other anti-enumeration defenses 220 Migrate server identity keys to Ed25519 [for 0.2.x.x] 244 Use RFC5705 Key Exporting in our AUTHENTICATE calls 258 Denial-of-service resistance for directory authorities 265 Load Balancing with Overhead Parameters [for 0.2.9.x] META: 000 Index of Tor Proposals 001 The Tor Proposal Process 098 Proposals that should be written 099 Miscellaneous proposals 257 Refactoring authorities and making them more isolated from the net FINISHED: 121 Hidden Service Authentication [in 0.2.1.x] 151 Improving Tor Path Selection 155 Four Improvements of Hidden Service Performance [in 0.2.1.x] 158 Clients download consensus + microdescriptors [in 0.2.3.1-alpha] 160 Authorities vote for bandwidth offsets in consensus [for 0.2.1.x] 161 Computing Bandwidth Adjustments [for 0.2.1.x] 162 Publish the consensus in multiple flavors [in 0.2.3.1-alpha] 196 Extended ORPort and TransportControlPort [for 0.2.4.x] 204 Subdomain support for Hidden Service addresses 217 Tor Extended ORPort Authentication [for 0.2.5.x] 232 Pluggable Transport through SOCKS proxy [in 0.2.6] 235 Stop assigning (and eventually supporting) the Named flag [in 0.2.6, 0.2.7] 260 Rendezvous Single Onion Services 272 Listed routers should be Valid, Running, and treated as such [in 0.2.9.3-alpha, 0.2.9.4-alpha] CLOSED: 101 Voting on the Tor Directory System [in 0.2.0.x] 102 Dropping "opt" from the directory format [in 0.2.0.x] 103 Splitting identity key from regularly used signing key [in 0.2.0.x] 104 Long and Short Router Descriptors [in 0.2.0.x] 105 Version negotiation for the Tor protocol [in 0.2.0.x] 106 Checking fewer things during TLS handshakes [in 0.2.0.x] 107 Uptime Sanity Checking [in 0.2.0.x] 108 Base "Stable" Flag on Mean Time Between Failures [in 0.2.0.x] 109 No more than one server per IP address [in 0.2.0.x] 110 Avoiding infinite length circuits [for 0.2.3.x] [in 0.2.1.3-alpha, 0.2.3.11-alpha] 111 Prioritizing local traffic over relayed traffic [in 0.2.0.x] 114 Distributed Storage for Tor Hidden Service Descriptors [in 0.2.0.x] 117 IPv6 exits [for 0.2.4.x] [in 0.2.4.7-alpha] 119 New PROTOCOLINFO command for controllers [in 0.2.0.x] 122 Network status entries need a new Unnamed flag [in 0.2.0.x] 123 Naming authorities automatically create bindings [in 0.2.0.x] 125 Behavior for bridge users, bridge relays, and bridge authorities [in 0.2.0.x] 126 Getting GeoIP data and publishing usage summaries [in 0.2.0.x] 129 Block Insecure Protocols by Default [in 0.2.0.x] 130 Version 2 Tor connection protocol [in 0.2.0.x] 135 Simplify Configuration of Private Tor Networks [for 0.2.1.x] [in 0.2.1.2-alpha] 136 Mass authority migration with legacy keys [in 0.2.0.x] 137 Keep controllers informed as Tor bootstraps [in 0.2.1.x] 138 Remove routers that are not Running from consensus documents [in 0.2.1.2-alpha] 139 Download consensus documents only when it will be trusted [in 0.2.1.x] 148 Stream end reasons from the client side should be uniform [in 0.2.1.9-alpha] 150 Exclude Exit Nodes from a circuit [in 0.2.1.3-alpha] 152 Optionally allow exit from single-hop circuits [in 0.2.1.6-alpha] 157 Make certificate downloads specific [for 0.2.4.x] 166 Including Network Statistics in Extra-Info Documents [for 0.2.2] 167 Vote on network parameters in consensus [in 0.2.2] 171 Separate streams across circuits by connection metadata [in 0.2.3.3-alpha] 174 Optimistic Data for Tor: Server Side [in 0.2.3.1-alpha] 176 Proposed version-3 link handshake for Tor [for 0.2.3] 178 Require majority of authorities to vote for consensus parameters [in 0.2.3.9-alpha] 179 TLS certificate and parameter normalization [for 0.2.3.x] 180 Pluggable transports for circumvention [in 0.2.3.x] 181 Optimistic Data for Tor: Client Side [in 0.2.3.3-alpha] 183 Refill Intervals [in 0.2.3.5-alpha] 184 Miscellaneous changes for a v3 Tor link protocol [for 0.2.3.x] 186 Multiple addresses for one OR or bridge [for 0.2.4.x+] 187 Reserve a cell type to allow client authorization [for 0.2.3.x] 193 Safe cookie authentication for Tor controllers 198 Restore semantics of TLS ClientHello [for 0.2.4.x] 200 Adding new, extensible CREATE, EXTEND, and related cells [in 0.2.4.8-alpha] 205 Remove global client-side DNS caching [in 0.2.4.7-alpha.] 206 Preconfigured directory sources for bootstrapping [in 0.2.4.7-alpha] 207 Directory guards [for 0.2.4.x] 208 IPv6 Exits Redux [for 0.2.4.x] [in 0.2.4.7-alpha] 214 Allow 4-byte circuit IDs in a new link protocol [in 0.2.4.11-alpha] 215 Let the minimum consensus method change with time [in 0.2.6.1-alpha] 216 Improved circuit-creation key exchange [in 0.2.4.8-alpha] 218 Controller events to better understand connection/circuit usage [in 0.2.5.2-alpha] 221 Stop using CREATE_FAST [for 0.2.5.x] 222 Stop sending client timestamps [in 0.2.4.18] 227 Include package fingerprints in consensus documents [in 0.2.6.3-alpha] 228 Cross-certifying identity keys with onion keys 238 Better hidden service stats from Tor relays 243 Give out HSDir flag only to relays with Stable flag 250 Random Number Generation During Tor Voting 264 Putting version numbers on the Tor subprotocols [in 0.2.9.4-alpha] 271 Another algorithm for guard selection [in 0.3.0.1-alpha] SUPERSEDED: 112 Bring Back Pathlen Coin Weight 113 Simplifying directory authority administration 118 Advertising multiple ORPorts at once 124 Blocking resistant TLS certificate usage 143 Improvements of Distributed Storage for Tor Hidden Service Descriptors 145 Separate "suitable as a guard" from "suitable as a new guard" 146 Add new flag to reflect long-term stability 149 Using data from NETINFO cells 153 Automatic software update protocol 154 Automatic Software Update Protocol 156 Tracking blocked ports on the client side 163 Detecting whether a connection comes from a client 169 Eliminate TLS renegotiation for the Tor connection handshake 170 Configuration options regarding circuit building 185 Directory caches without DirPort 194 Mnemonic .onion URLs 225 Strawman proposal: commit-and-reveal shared rng DEAD: 100 Tor Unreliable Datagram Extension Proposal 115 Two Hop Paths 116 Two hop paths from entry guards 120 Shutdown descriptors when Tor servers stop 128 Families of private bridges 142 Combine Introduction and Rendezvous Points 213 Remove stream-level sendmes from the design REJECTED: 134 More robust consensus voting with diverse authority sets 147 Eliminate the need for v2 directories in generating v3 directories [for 0.2.4.x] 175 Automatically promoting Tor clients to nodes 197 Message-based Inter-Controller IPC Channel 241 Resisting guard-turnover attacks OBSOLETE: 127 Relaying dirport requests to Tor download site / website 131 Help users to verify they are using Tor 132 A Tor Web Service For Verifying Correct Browser Configuration 141 Download server descriptors on demand 144 Increase the diversity of circuits by detecting nodes belonging the same provider 199 Integration of BridgeFinder and BridgeFinderHelper 259 New Guard Selection Behaviour 263 Request to change key exchange protocol for handshake v1.2 268 New Guard Selection Behaviour RESERVE: 133 Incorporate Unreachable ORs into the Tor Network 211 Internal Mapaddress for Tor Configuration Testing [for 0.2.4.x+] 223 Ace: Improved circuit-creation key exchange INFORMATIONAL: 159 Exit Scanning