[tor-project] Tor Browser Team Meeting Notes, 18 November 2019
sysrqb at torproject.org
Tue Nov 19 01:16:42 UTC 2019
We held our weekly Tor Browser Team meeting on Monday. Here are the
During the meeting we briefly discussed on-going work for making onion
services more usable.
Next, we briefly talked about some Android-related work. We have a
useful collection of libraries now, but they may not be the best
solution, especially as some of our partners in this space are actively
developing different solutions. We will have more discussions in the
future about how Tor development on Android (and mobile, in general)
Finally, an idea was proposed of creating a Tor Browser build that makes
troubleshooting network connectivity problems earlier. Ticket #32540 was
created for this.
Week of November 18, 2019
What is the status of our testing suite? (test-reports.tbb.tpo? Are
the tests run automatically anywhere and are the results publicly
- Help with OTF proposal
- Still banging my head against #32053 :(
- reviews (#30327, #31130, #32508)
- #31597 (closed Mozilla bugs between esr60-esr68)
- worked on the signing infrastructure for macOS #32173
- went over all our signing related tickets and tagged them with
- more RLBox work (wrote patches for #32436 and #32437 over the
- wrote small patch for #32509
- a bit thinking about the design doc update
- HackerOne house-keeping and triage
- more work on #31597
- more work on #32053
- more work on #32173
- design doc update
- more RLBox work in my spare time
mcs and brade:
- Sponsor 27 work: #30237 (v3 onion services client auth).
- Tied up loose ends.
- Posted patches for review and revised them based on
feedback from Richard.
- Spent a little time on #10416/#29020 (Tor won't start on
Windows when path contains non-ascii characters).
- Commented in #32498 (Consider updating MAR_CHANNEL_ID for
- For #19757, think about permanent storage of client auth keys
and associated management UI.
- Respond in #32418 (up-to-date Torbrowser notifies that it
- Add actual points to completed tickets.
- OTF Browser Proposal
- S44 Final report
- Trac triage
- Tor Browser Release meeting
- S27 meeting
- Tor Browser October report
- General roadmap admin
- OTF Browser Proposal
- S44 final report
- Trac triage
- Addressed review of #30558.
- Addressed review of #19859.
- Filed #32520.
- Debugged #31691 a bit.
- Filed #32523.
- Filed #32527.
- Address whatever review happens on #30558 and #19859.
Some work on the OTF proposal
Misc Tor Browser things
More OTF proposal
More ticket triage and assignments
Write summary of Fastly event and thoughts about onion services
- Revised #28745: THE Torbutton clean-up
- Worked on #21952 (Onion-location: increasing the use of onion
services through automatic redirects and aliasing):
- Exposed in about:preferences
- Implemented automatic redirects as with "Location" header.
- Basic visual feedback when redirect ("manual" or
automatic) to .onion has happened
- Wrap up work on #21952, and do builds so that it can be
- Check #32255 (Missing ORIGIN header breaks CORS in Tor Browser
9.0) and take some action (not sure exactly which one)
- Follow up #32297 (try to reproduce with new info from
- Updated patch for #25099 (Update nightly version number)
- Worked on patch for #25101 (Generate incremental mar files for
- Some reviews
- Looked at blog comments
- Finish patch for #25101 (Generate incremental mar files for
- Generate a mar signing key for nightly builds (#31988)
- Make patch for #32475 (Reduce the number of locales we provide
updates for in nightly)
- Test/review rebased patch for #30334 (build_go_lib for
- #Broke apart #30501 issues. These are (will be) broken into
changes 1) No API changes; 2) API changes but easy conversions to
Android shared pref format; 3) Breaking API changes and changes needed
to underlying shared prefs (with data migration needed). (1) issues are
#30767, #32516; (2) #32501, #32518 + more this week; (3) #30501 -
BridgeList + sets for enumerations of addresses
- #30767 - TOPL Custom obfs4 bridge does not work work for Android -
Recreated isolated commit (in review)
- #32516 - TOPL Cleanup write methods. Various cleanup to simplify
writing of torrc fields.
- #32501 dormant canceled field - previous patch broke
tor-android-service: I added a couple of commits to bring these changes
into tor-android-service and TOPL. We should be able to remove patches
in browser build after this.
- #32476 More investigation into JNI. Open question if this supports
Desktop platforms or whether changes are Android specific only.
- Define and work on issues for (2) API breaking changes and (3) if
- Follow up with guardian project to define more specific plans
- Prototype with JNI
- #31992 apktool workaround
- Would like to do MR for #30767, #32516, #32501 to TOPL project
- US holiday on monday
- reviewed #30237 (mcs/brade onion service auth)
- deep dive into NoScript for #30570 (per-site settings)
- fixed about:preferences#tor UX bug #32508
- hmm see why the fix for #32508 isn't working as expected
- investigating feasibility of adding first-party isolation
double-keying to NoScript, prototype
- Holiday travelling from the 24th through the 6th with
- Moving cross-country sometime in the middle of December also with
Have a good week,
More information about the tor-project