[tor-dev] [GSoC] CONIKS implementation for Tor Messenger

Arlo Breault arlo at torproject.org
Wed Mar 23 21:29:27 UTC 2016

Thanks Vu, looking good.

> One challenge of keyserver is efficiency and scalability for large volumes of users, concurrent traffic. According to this requirement, the keyserver will be implemented using libuv library and OpenSSL as cryptography library. libuv is a multi-platform support library with a focus on asynchronous I/O and primarily used by node.js. OpenSSL is used to add TLS/SSL functionality on top of libuv. This ensures that the server can handle a high rate of requests and connections with as low of latency and resource and is able to provide SSL/TLS connection.

There's been some confusion around the languages listed in the
project description. C/JavaScript are there as prerequisites
for working with the ctypes-otr add-on.

It may be prudent to consider a memory-managed language (I'll
suggest golang here as popular choice) for the server component.

> If there are any problems with the CONIKS consistency checks, the consistency check result will be noticed to the user by a popup modal. Its design includes a significant signal to alert the user (such as using red sign).
> ...
> Monitoring: regularly downloading consistency proofs in the background and notifying to the user by a popup modal if a new key binding is issued. 

Wherever possible, we'd like to avoid modals and use the notification
bar. There's also a suggestion to grey out the conversation window
and use a throbber here, https://github.com/arlolra/ctypes-otr/issues/20

More information about the tor-dev mailing list