[tor-dev] Using consensus package versions for third party software

[John Brooks]

Proposal 227 added a method for putting non-little-t-tor package versions
and digests in the consensus, intended to authenticate Tor Browser updates.
This is done in tor 0.2.6, although it’s not yet in use by Tor Browser or
the consensus.

I propose using this feature to notify Ricochet[1] users of software
updates. My reasoning is:

- It’s vital to the security of Ricochet’s users that they’re quickly
notified of version updates
- Tor is the only infrastructure Ricochet uses; adding an “update server”
would harm its model
- The consensus-based method is better than anything we can independently do
- I think Ricochet is an ideal case of where this work can be useful

The benefits from my side are obvious, but it’s less clear if this is
appropriate for Tor. Ricochet users[2] are an extremely small portion of
Tor’s users, but this would be in every consensus. Some directory
authorities would have to volunteer to keep those votes up to date.

I’m interested in feedback from the community in general, and especially
from directory authorities on whether this is something they’d be interested
in supporting. Of course, even if people think this is a good idea, the
burden is on me to convince DAs to lend their time.

Thanks,

- John

[1] https://ricochet.im/
[2] It’s part of the design that I can’t accurately count users. My best
guess is “low hundreds, and growing”.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150414/e25c179b/attachment.sig>