[tor-bugs] #16756 [Pluggable transport]: Formalize and document what it takes for a PT to get deployed.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Aug 29 01:16:10 UTC 2015
#16756: Formalize and document what it takes for a PT to get deployed.
-------------------------------------+----------------------
Reporter: yawning | Owner: yawning
Type: task | Status: new
Priority: normal | Milestone:
Component: Pluggable transport | Version:
Resolution: | Keywords: SponsorS
Actual Points: | Parent ID:
Points: |
-------------------------------------+----------------------
Comment (by yawning):
Some thoughts/additional exceptions:
Replying to [comment:2 mikeperry]:
> 2. Pluggable Transports MUST be capable of authenticating the Tor relay
identity key of their underlying Tor bridge (via specifying an identity
fingerprint in PT bridge lines).
Flashproxy like systems may have issues with this (At least I seem to
recall the bridge line being entirely synthetic).
> 4. Pluggable Transports MUST be easy for bridge operators to update
automatically and securely (such as via Debian package, custom apt/yum
repository with GPG signing, or some similar authenticated update
mechanism). These updates SHOULD be possible to easily perform over Tor.
Shared infrastructure transports such as meek MAY be exempt from this
requirement.
> 5. Pluggable Transports MUST NOT reveal their installation or update
activity to third parties in a way that allows them to identify either the
full set of installed bridges, or the set of clients.
Shared infrastructure transports such as meek MAY be exempt from this
requirement.
Some additions:
10. Pluggable Transports MUST be capable of being built
deterministically by the Tor Browser build system.
11. Pluggable Transports MUST support all officially supported Tor
Browser platforms, and SHOULD additionally support Android.
12. Pluggable Transports MUST NOT operate in a manner that is harmful to
the health of the Internet as a whole (Eg: TCP friendly congestion control
MUST be implemented if required).
13. Pluggable Transports MUST NOT operate in a manner considered
unethical (Subjective. Want to prevent stealing resources, using a
botnet, etc).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16756#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list