<div dir="ltr"><div><div><br></div>Thank you for the feedback on the specification draft, Yawning. We will take all of this feedback into account in the next draft.<br><br></div><div>Some specific points are addressed below.<br></div><div><br></div><div><div><div><div><div><div class="gmail_extra"><div class="gmail_quote">On Mon, Mar 27, 2017 at 12:27 AM, Yawning Angel <span dir="ltr"><<a href="mailto:yawning@schwanenlied.me" target="_blank">yawning@schwanenlied.me</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">NB: I'm personally not doing any circumvention related work at all and<br>
I won't be the one implementing this regardless of what happens, so<br>
feel free to disregard this.<br>
<span class="gmail-"><br>
On Sun, 26 Mar 2017 04:48:44 -0500<br>
Brandon Wiley <<a href="mailto:brandon@blanu.net">brandon@blanu.net</a>> wrote:<br>
> As was discussed in the Pluggable Transports session at TorDev<br>
> Amsterdam, the Pluggable Transports 2.0, draft 1 specification<br>
</span>> [<a href="https://www" rel="noreferrer" target="_blank">https://www</a>. <a href="http://pluggabletransports.info/spec/pt2draft1" rel="noreferrer" target="_blank">pluggabletransports.info/spec/<wbr>pt2draft1</a>] was created by<br>
<span class="gmail-">> a committee of censorship circumvention tool developers: Tor,<br>
> Lantern, Psiphon, and uProxy. It specifies a version of Pluggable<br>
> Transports that meets the needs of multiple circumvention tools.<br>
<br>
</span>The formatting is all fucked up, so I'm commenting based off the PDF<br>
version.<span class="gmail-"><br></span></blockquote><div><br></div><div>I will talk to the website maintainer about the formatting. Here is a link to the PDF version for anyone else that would like to read it: <a href="https://www.pluggabletransports.info/assets/PTSpecV2Draft1.pdf">https://www.pluggabletransports.info/assets/PTSpecV2Draft1.pdf</a><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-">
> There is one major change that has implications for tor, which is<br>
> that the Pluggable Transports 2.0, draft 1 IPC protocol uses a<br>
> different type of SOCKS authentication mechanism, which allows for<br>
> larger parameters to be send to transports.<br>
<br>
</span>Why JSON, and how is that better than the binary Tor Prop 229 SOCKS5<br>
extension?<br></blockquote><div><br></div><div>I was not familiar with Tor Prop 229. It does seem to have a similar purpose. I will read this proposal and get back to you.<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Unless I'm missing something, the draft as is, does not fully specify<br>
how exactly the new authentication method is supposed to work and is<br>
currently unimplementable. (How is the length of the serialized body<br>
supposed to be determined by the SOCKS proxy side?)<span class="gmail-"><br></span></blockquote><div><br></div><div>Thank you for this feedback, this is very helpful. It seems that this section of the specification draft (3.3.4. Pluggable PT Client Per-Connection Arguments) needs some additional work. We will address this in the next draft.<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-">
> We are currently working on a 2nd draft of this specification, which<br>
> will incorporate changes and errata from the community censorship<br>
> circumvention tool community. For instance, syntactic errors in the<br>
> documentation of the Go interface will be fixed in draft 2. Tor<br>
> developers participated in the specification meetings, and now<br>
> feedback from the overall Tor community is requested for<br>
> incorporation in the next draft. There will also likely be a 2.1<br>
> specification process, possibility starting August, where we will<br>
> consider larger changes.<br>
<br>
</span>As it stands I don't see a good reason for this to be implemented by<br>
Tor. The larger args is nice, but that can be done with the existing<br>
spec plus Prop 229[0]. The new spec does nothing to address things that<br>
would actually be a good reason to revise the spec either, like making<br>
dual stack bridges actually work, or adding notation for AF_LOCAL<br>
addresses so that containerization isn't painful client side.<br>
<br>
Am I missing something here? This looks like the old spec with<br>
a not-invented-here JSON based Prop. 229 extension and a bunch of<br>
programming language bindings that I'll never use, that defeat the<br>
purpose of the whole "pluggable" notion in the first place.<br>
<br>
(Yes, I'm aware that "What Yawning considers important in a new spec"<br>
has been and apparently still is different from what other people<br>
considers important in a new spec. But if you're going to revise the<br>
spec, at least fix the dual stack problem for fuck's sake.)<br></blockquote><div><br></div><div>I am familiar with the dual stack problem generally, where servers have both IPv4 and IPv6 IP addresses. I was not involved in any conversations regarding the dual stack problem for Pluggable Transports specifically. If you could point me to any documentation on this issue, that would be helpful. Alternatively, if you could explain what the issue is and what possible solutions you'd like to see in a future Pluggable Transports specification, that is something we could make happen in future specifications revisions.<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Regards,<br>
<span class="gmail-HOEnZb"><font color="#888888"><br>
--<br>
Yawning Angel<br>
<br>
[0]: Or "Just use Socks4a, because IPv6 is fucking broken server side<br>
anyway".<br>
</font></span><br>______________________________<wbr>_________________<br>
tor-dev mailing list<br>
<a href="mailto:tor-dev@lists.torproject.org">tor-dev@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev" rel="noreferrer" target="_blank">https://lists.torproject.org/<wbr>cgi-bin/mailman/listinfo/tor-<wbr>dev</a><br>
<br></blockquote></div><br></div></div></div></div></div></div></div>