[tor-project] Network team meeting notes, 23 April 2018
nickm at torproject.org
Tue Apr 24 14:56:34 UTC 2018
Our weekly meeting logs are here:
Below are our notes from the meeting.
= Network team meeting pad, 23 April 2018 =
Welcome to our meeting! Mondays at 1700 UTC on #tor-meeting on OFTC.
(This channel is logged while meetings are in progress.)
Want to participate? Awesome! Here's what to do:
1. If you have updates, enter them below, under your name.
2. If you see anything you want to talk about in your updates, put them
3. Show up to the IRC meeting and say hi!
Note the meeting location: #tor-meeting on OFTC!
== Previous notes ==
== Stuff to do every week =
* Let's check and update the roadmap. What's done, and what's coming up?
url to roadmap:
* Check reviewer assignments at
* Check rotations at
== Announcements ==
* Remember to "/me status: foo" at least once daily.
* Remember that our current code reviews should be done by end-of-week.
* Make sure you are in touch with everybody with whom you are doing 0.3.4.x
* Important dates:
* May 15, 2018 -- 0.3.4.x feature freeze! 3 WEEKS LEFT.
* Remember: don't spend more than a day working on anything that isn't on
the 033 or 034 milestones.
== Discussion ==
* How much should we do with travis and how much do we leave to jenkins?
* What is blocking 0.3.3-stable?
* Should we consider any 034-proposed items?
Here's a useful query that finds 0.3.4 tickets that are recently modified,
and don't have code:
- Mike wants #25883 (some control port events)
- gk wants #25895 (rust cross-compiling for Windows)
These ones seem ok:
- dgoulet added #19665 (client port counts) as an essential part of
periodic events (Sponsor 8)
- nickm added #25828 as a bugfix found in #25373 token buckets (Sponsor 8)
== Updates ==
* Last week:
* CI rotation:
- added coveralls support to travis (25818)
- fixed numerous 32-bit issues found by jenkins
- fixed a couple of windows issues found by jenkins
- fixed a distcheck issue found by jenkins
- wrote a patch to have travis handle distcheck
- addressed failing rust builds on jenkins (25813)
* Wrote tricky patch to replace token-bucket refill events (every
100ms) with as-needed refills. 25373
* Wrote patch to fix nonfatal assertion failures in 033
* Reviewed pending patches (25762, 24660, 24659)
* Attended prop291 meeting (two-guard discussion).
* Fixed clang scan-build issues
* Wrote fixes for various small tickets on 034 milestone.
* This week:
* Work with dgoulet to make second_elapsed_callback less
* Review, merge, revise.
* More small 034 tickets, time permitting
* Coverity rotation
* Last week:
* Wrote a patch for #25733
* Cleaned up #25400
* Looked into jenkins a bit to try to help figure out how to email
build-breakers automatically (#25819)
* Ran prop 291 meeting + notes + tickets + mailinglist posts
* Ran vanguard simulator a bunch; found some bugs; wrote some
* Wrote patch for #25870 (fix vanguard restrictions -- I think this
is our best bet for restrictions in 0.3.3/0.3.4)
* Implemented a ton of vanguard script pieces (bandwidth checks,
relay use frequency checks)
* Stumbled on #25883 (no control port stream events for onion
services on service side).
* This week:
* Really want to fix #25883 for 0.3.4. May need some help/tips.
* Get vanguards repo closer to release quality
* Last week:
* Wow, collecting privacy-preserving statistics is time-consuming
* Bandwidth file spec review (we are down to formatting and
* Continued to help with bandwidth measurement (sbws)
* Added new authorities to the testnet
* Tor SoP reviews
* Security patch discussion
* Code reviews on nonfatal asserts (25691/25692), consensus method
pruning (24378, prop#290)
* Closed some really old trac milestones, sent an email to tor-dev
about the rest
* This week:
* Analyse the last collection results
* Configure and schedule the next collection
* Start writing up & reviewing
* Last week:
- Ticket work (See timeline).
- #25226 got merged so #25824 followed.
- Worked on #25762 and worked with nickm on some other roadmap items
reducing client CPU usage.
- I did a full days of work on Torsocks. I'm waiting on feedback on one
ticket before releasing. I will probably just release if I don't hear
back this week from the author of the patch.
- Some work happened in the bad-relays world as well.
* This week:
- I'll try to finalize with nickm some roadmap items we've been working
together (#25500 master ticket).
- Short list of bugs for 034: #25761, #25577
- If possible, continue modularization work with #25610
- No rotation role for me this week.
* last week (2018-W16):
- reviewed updates to #25511 (getinfo current-time/*)
- control-spec.txt changes to support #25511 (getinfo
- also some spec spelling fixes (#25871) caught during review
- reviewed #25727 (bool in rust ffi) [*isis, were you able to poke
rust people about stuff?*]
- did some thinking about #25756 (loosening "consensus from the
future" tolerance) with input from nickm
- sponsor8 reporting stuff
- expense accounting stuff
* this week (2018-W15):
- code review
- continue working on #25061 (spurious connection warnings logged
- look more at #25756
- other 033 or 034 work as needed
- Moved our test s8 onion to a new host. Did some minor tweaks to
- Looked at Isa's S8 reporting.
- Cross compiled Tor/Orbot for Android-ARM64. Now running Orbot
that for test (#25496).
- Progress on #25245: easy to trigger if you inject a lot of
an exit in a Chutney network, but difficult to trigger otherwise.
Worked on making it easier to debug.
- Go over the interview content with the version2 journalist about
- Participated in a radio show with a host I know from BornHack
- Think(hopefully?) managed to solve logistics around being able to
to Mozilla All Hands after Seattle. Now waiting for OK from
- Reviewed #25140
- 0.3.4 work: either network idleness controller interface or
conditionally compiled modules.
- Talk with Hans about what we need to do to get #25496 (0.3.4
ARM64 work) into an Orbot release.
- Land patches for #25245 (0.3.3).
- CI duty. Question: our Jenkins have looked very sad, should I
prioritize some time on this during the week?
- Participated in meeting on 2-guards (prop#291).
- After the meeting, I submitted a patch for #25843 as was arranged and
started testing the 2-guard proposal. I also posted a pseudo-proposal on
a possible future for path restrictions in:
- Worked on improving the vanguard simulator, fixing bugs found by
mike, and implementing more features (#23978).
- Reviewed #24688 and #23693.
- Started a thread on replay protection and ed25519 malleability as part of
#25552. Ian suggested some possible avenues which I think are worth
following. Isis also suggested some alternative avenues based on xeddsa
vxeddsa. I plan to read more into these generalized DSA protocols this
and decide if we can fit them for 034, they seem quite interesting.
a plausible approach would be to do Ian's simple approach for now, and
switch to vxeddsa in the future. Not sure. I plan to read more about this
this week, I find it very interesting.
- Will be secondary mentor for the ahmia project in SoP this year.
- Continue work on 2-guard proposal and vanguards.
- Read more about vxeddsa for #25552.
- Test haxxpop's hsv3 client auth
- Suggest some tasks for the Ahmia SoP student.
- More reviews.
- Finish the client auth in the v3 onion service (excluding the
and it's ready for testing now! (
You can test it by adding `HiddenServiceAuthorizeClient basic
<client_name>` on the service torrc
and `HidServAuth <onion address> <base64-encoded x25519 private
key>` on the client torrc
You can get the private key from
`client_authorized_privkeys/<client_name>.privkey` on the service file
*Could anyone test it soon and, if possible, add it to the next
[asn: Yes I will definitely test and start the review procedure!
Did you also do intro auth or just desc auth?]
[haxxpop: just desc auth, because I still don't know which file
to put clients' ed25519 public keys]
[asn: ok we can figure this out. i guess you'd like us to give it
initial review/testing before doing intro auth, right? makes sense.]
[haxxpop: yes. In fact, I think desc auth and intro auth are
independent features. We can launch the desc auth without intro auth, if we
- next week:
- - Probably take a break ;)
- started testnet authority and convinced people to trust it
- feed sbws testnet results to the authority
- changed sbws v3bw file units from bytes to KB so they'd be
comparable to torflow
- faq additions, glossary
- sbws scanner (client) performs periodic reachability tests for
- sought input from dirauths about running sbws servers vs changing
sbws to use http servers
- signed up to mentor juga for bw scanning work
- publish sbws docs at
- (today, definitely) *make sbws open source** [asn: boom!!!]*
- see https://github.com/pastly/simple-bw-scanner
- publish sbws docs at readthedocs
- unit tests
- probably change from requiring sbws servers to using http(s)
- reviewed a patch to do `make distcheck` on travis #25814
- reviewed a patch to use coveralls from travis #25818
- did the hook/account setup for getting coveralls to start
publishing to https://coveralls.io/github/torproject/tor
- revised patches to expose our RNG in rust #24660
- responded to code review on #24659
- lunch meeting with trevor perrin about malleability in HS crypto
and hash domain separation in post quantum key exchanges
- reviewed #25515 again
- long emails to lists about TROVE-2018-005 and HS crypto
- more work on wide create cells #25647
- finish #25647
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-project