[or-cvs] r12307: Mark some finished items finished, some deferred items defer (in tor/trunk: . doc)
nickm at seul.org
nickm at seul.org
Thu Nov 1 04:38:45 UTC 2007
Author: nickm
Date: 2007-11-01 00:38:45 -0400 (Thu, 01 Nov 2007)
New Revision: 12307
Modified:
tor/trunk/
tor/trunk/doc/TODO
Log:
r16323 at catbus: nickm | 2007-11-01 00:32:12 -0400
Mark some finished items finished, some deferred items deferred, and move some "nice to haves" into "deferred-land."
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r16323] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/trunk/doc/TODO
===================================================================
--- tor/trunk/doc/TODO 2007-11-01 04:38:43 UTC (rev 12306)
+++ tor/trunk/doc/TODO 2007-11-01 04:38:45 UTC (rev 12307)
@@ -24,10 +24,10 @@
o Support for preconfigured mirror lists
o Use a pre-shipped fallback consensus.
o Code to install a pre-defined fallback consensus
- . Download consensuses (et al) via if-modified-since
+ o Download consensuses (et al) via if-modified-since
o Implement backend support for sending if-modified-since
o Use it for consensuses.
- - Use it for certificates
+ D Use it for certificates
o base Guard flag on WFU rather than on MTBF.
o Change guard calculation
o Change dir-spec.txt
@@ -57,6 +57,7 @@
and send netinfo and be "open".
o On netinfo, warn if there's skew from a server.
- Learn our outgoing IP address from netinfo cells?
+ - Earliest stages of 110 (infinite-length) in v2 protocol.
- TLS only
- Need to get a finished TLS normalization proposal
- Revised authentication.
@@ -108,16 +109,16 @@
of their first test, and then never seeing use.
- Proposals:
- . 101: Voting on the Tor Directory System (plus 103)
- - Handle badly timed certificates properly.
- . Start caching consensus documents once authorities make them;
+ o 101: Voting on the Tor Directory System (plus 103)
+ o Handle badly timed certificates properly.
+ o Start caching consensus documents once authorities make them;
start downloading consensus documents once caches serve
them
o Code to delay next download while fetching certificates to verify
a consensus we already got.
o Code to retry consensus download if we got one we already have.
- - Use if-modified-since on consensus download
- - Use if-modified-since on certificate download
+ D Use if-modified-since on consensus download
+ o Use if-modified-since on certificate download
- Controller support
- GETINFO to get consensus
- Event when new consensus arrives
@@ -140,7 +141,7 @@
o Do TLS rotation less often than "every 10 minutes" in the thrashy case.
D Do TLS connection rotation more often than "once a week" in the
extra-stable case.
- - Streamline how we pick entry nodes: Make choose_random_entry() have
+ D Streamline how we pick entry nodes: Make choose_random_entry() have
less magic and less control logic.
- Refactor networkstatus generation:
- Include "v" line in getinfo values.
@@ -185,28 +186,27 @@
- Make BEGIN_DIR mandatory for asking questions of bridge authorities?
- Features (other than bridges):
- - Blocking-resistance.
- - Write a proposal; make this part of 105.
- Audit how much RAM we're using for buffers and cell pools; try to
trim down a lot.
- Base relative control socket paths on datadir.
- - We should ship with a list of stable dir mirrors -- they're not
+ o We should ship with a list of stable dir mirrors -- they're not
trusted like the authorities, but they'll provide more robustness
and diversity for bootstrapping clients.
- - Implement this as a list of routerstatus, like fake_routerstatus in
+ X Implement this as a list of routerstatus, like fake_routerstatus in
trusted_dir_derver_t?
- - Better estimates in the directory of whether servers have good uptime
+ o Implemented as a fallback networkstatus consensus.
+ o Better estimates in the directory of whether servers have good uptime
(high expected time to failure) or good guard qualities (high
fractional uptime).
- - AKA Track uptime as %-of-time-up, as well as time-since-last-down
+ o AKA Track uptime as %-of-time-up, as well as time-since-last-down
o Implement tracking
- - Make uptime info persist too.
- - Base Guard on weighted fractional uptime.
+ o Make uptime info persist too.
+ o Base Guard on weighted fractional uptime.
- Make TrackHostExits expire TrackHostExitsExpire seconds after their
*last* use, not their *first* use.
- Limit to 2 dir, 2 OR, N SOCKS connections per IP.
- - Or maybe close connections from same IP when we get a lot from one.
- - Or maybe block IPs that connect too many times at once.
+ - Or maybe close connections from same IP when we get a lot from one.
+ - Or maybe block IPs that connect too many times at once.
- add an AuthDirBadexit torrc option if we decide we want one.
- Testing
@@ -241,11 +241,15 @@
bundle
Nice-to-have items for 0.2.0.x, time permitting:
+ - Low-priority bugs:
+ - we try to build 4 test circuits to break them over different
+ servers. but sometimes our entry node is the same for multiple
+ test circuits. this defeats the point.
+
+Deferred from 0.2.0.x:
- Proposals
- 113: Simplifying directory authority administration
- 110: prevent infinite-length circuits (phase one)
- . Robust decentralized storage for hidden service descriptors.
- (Karsten is working on this; proposal 114.)
- 118: Listen on and advertise multiple ports:
- Tor should be able to have a pool of outgoing IP addresses that it is
able to rotate through. (maybe. Possible overlap with proposal 118.)
@@ -258,7 +262,6 @@
- Most address variables need to become tor_addr_t
- Teach resolving code how to handle ipv6.
- Teach exit policies about ipv6 (consider ipv4/ipv6 interaction!)
-
- Features
- Let controller set router flags for authority to transmit, and for
client to use.
@@ -267,35 +270,16 @@
- Clients should estimate their skew as median of skew from servers
over last N seconds.
- More work on AvoidDiskWrites?
-
+ - Features
+ - Make a TCP DNSPort
- Protocol work
- MAYBE kill stalled circuits rather than stalled connections. This is
possible thanks to cell queues, but we need to consider the anonymity
implications.
- Implement TLS shutdown properly when possible.
-
- - Low-priority bugs:
- - we try to build 4 test circuits to break them over different
- servers. but sometimes our entry node is the same for multiple
- test circuits. this defeats the point.
+ - Bugs
- If the client's clock is too far in the past, it will drop (or just not
try to get) descriptors, so it'll never build circuits.
-
- - Refactoring:
- - Move all status info out of routerinfo into local_routerstatus. Make
- "who can change what" in local_routerstatus explicit. Make
- local_routerstatus (or equivalent) subsume all places to go for "what
- router is this?"
-
- - Build:
- - Detect correct version of libraries from autoconf script.
-
- - Documentation:
- - Review torrc.sample to make it more discursive.
-
-Deferred from 0.2.0.x:
- - Features
- - Make a TCP DNSPort
- Refactoring
- Make resolves no longer use edge_connection_t unless they are actually
_on_ a socks connection: have edge_connection_t and (say)
@@ -303,6 +287,10 @@
n_streams both be linked lists of edge_stream_t.
- Generate torrc.{complete|sample}.in, tor.1.in, the HTML manual, and the
online config documentation from a single source.
+ - Move all status info out of routerinfo into local_routerstatus. Make
+ "who can change what" in local_routerstatus explicit. Make
+ local_routerstatus (or equivalent) subsume all places to go for "what
+ router is this?"
- Blocking/scanning-resistance
- It would be potentially helpful to https requests on the OR port by
acting like an HTTPS server.
@@ -313,6 +301,8 @@
descriptors we have.
- Some mechanism for specifying that we want to stop using a cached
bridge.
+ - Build:
+ - Detect correct version of libraries from autoconf script.
Future versions:
More information about the tor-commits
mailing list