[tor-project] Rhatto's Monthly Status Report, September 2023
rhatto
rhatto at torproject.org
Mon Oct 2 22:45:25 UTC 2023
Hi all :)
This is my monthly status report for September 2023 with the main relevant
activities I have done during the period.
## 0. Research
### Certificates
The work for bringing TLS certificates for Onion Services was focused in the
ACME for Onions proposal (https://acmeforonions.org).
There were a series of relevant updates both on IETF ACME and on the
CA/B Forum's Validation working groups:
* https://lists.cabforum.org/pipermail/validation/2023-September/001927.html
* https://magicalcodewit.ch/cabf-2023-09-07-slides/
* https://mailarchive.ietf.org/arch/msg/acme/LMYC_Ou41E_9RuaVSYPr7SIhCCc/
* https://github.com/AS207960/acme-onion/issues/2
I focused in:
* Helping to figure ways that CAA and .onion descriptors could be handled by
ACME client and servers. I'm still compiling the list of options for an
ACME server to parse and validate an Onion Service descriptor.
* Doing a documentation update about CAA checking:
https://tpo.pages.torproject.net/onion-services/onionplan/appendixes/acme/#caa
https://gitlab.torproject.org/tpo/onion-services/onionplan/-/commit/02341735b8e5810cd4cc53b2f872c5def7bf3d7b
## Tor Browser Quality Assurance for Onion Services (TBB .onion QA)
I have completed the first three quarters of Tor Browser QA testing (since
2023.Q1).
### Testbed
* Since this QA process started, it's methodology and tooling was bootstrapped
and improved.
* Some basic tests were defined to happen at every Tor Browser release (when
applicable).
* Additional, specific tests were also defined to check for specific and
potential issues.
* The "Faulty Onions" project was prototyped, and is intended to provide test
Onion Services with different errors to check how Tor Browser and other
applications handles them. More details to be expected soon.
* A few alternatives for test automation were researched, to consider
whether some of the regular tests can be automated.
* Public documentation remains yet to be done.
### Versions tested
Eleven Tor Browsers versions were formally tested:
* 12.5.1
* 12.5.2
* 12.5.3
* 12.5.4
* 12.5.5
* 12.5.6
* 13.0a1
* 13.0a2
* 13.0a3
* 13.0a4
* 13.0a5
## 1. Development
### Onionprobe
* Onionprobe 1.1.2 was released:
https://gitlab.torproject.org/tpo/onion-services/onionprobe/-/blob/main/ChangeLog.md?ref_type=heads#v112-2023-09-28
## 2. Support
### Documentation Hackweek
As a preparation for the upcoming [Hackweek][], I have submitted four project
proposals:
* Onion MkDocs tryout:
https://gitlab.torproject.org/tpo/community/hackweek/-/issues/13
* Onion TeX Slim enhancements:
https://gitlab.torproject.org/tpo/community/hackweek/-/issues/14
* Onion Reveal coding and documenting:
https://gitlab.torproject.org/tpo/community/hackweek/-/issues/15
* Etherpad management:
https://gitlab.torproject.org/tpo/community/hackweek/-/issues/16
I'm planning to work in just one of these projects, depending in which one is
more popular or gets more attention. I'm also looking for people that wants to
form a team, or even adopt one of these proposals.
Please leave a comment, subscribe yourself or add your user name into the
ticket description if you're interested :)
[Hackeek][]: https://lists.torproject.org/pipermail/tor-project/2023-August/003675.html
### Maintenance
* I also did the ongoing sponsored work with deployment, maintenance and
monitoring of Onion Services.
## 3. Organization
Time spent (from the total available for Tor-related work):
| Category | Percentage
|---------------|------------
| Research | 57
| Development | 1
| Support | 9
| Organization | 33
|---------------|------------
| Total | 100
--
Silvio Rhatto
pronouns he/him
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20231002/e670eb7a/attachment.sig>
More information about the tor-project
mailing list