[or-cvs] r14521: Add some items from discussion in #tor. (torflow/branches/gsoc2008)
mikeperry at seul.org
mikeperry at seul.org
Thu May 1 04:54:33 UTC 2008
Author: mikeperry
Date: 2008-05-01 00:54:32 -0400 (Thu, 01 May 2008)
New Revision: 14521
Modified:
torflow/branches/gsoc2008/TODO
Log:
Add some items from discussion in #tor.
Modified: torflow/branches/gsoc2008/TODO
===================================================================
--- torflow/branches/gsoc2008/TODO 2008-05-01 04:23:52 UTC (rev 14520)
+++ torflow/branches/gsoc2008/TODO 2008-05-01 04:54:32 UTC (rev 14521)
@@ -67,6 +67,16 @@
- Improve SSL cert handling/verification. openssl client is broken.
- Also the way we store certs is lame. No need to store so many copies
for diff IPs if they are all the same.
+ - Check Exit policy for sketchyness. Mark BadExit if they allow:
+ - pop but not pops
+ - imap not but imaps
+ - telnet but not ssh
+ - smtp but not smtps
+ - 80 but not 443
+ - This also means we have to verify encrypted ports actually work and
+ all exits will honor connections through them (in addition to
+ checkign certs)
+ - Also verify STARTTLS is not molested on smtp and imap ports
- Parallelize scanning
- Improve interaction between soat+metatroller so soat knows
which exit was responsible for a given ip/url
@@ -104,3 +114,4 @@
- Stopgap for bootstrapping
- push traffic through the 0.1.1.x with 0 dirport and earlier servers
that claim less than 20KB traffic
+
More information about the tor-commits
mailing list