[tor-reports] Fwd: Nick's status report: What I did in July

Nick Mathewson nickm at torproject.org
Wed Aug 1 20:38:01 UTC 2012 

I spent the first half of July in the Tor dev meeting in Florence,
then at the Privacy Enhancing Technologies Symposium in Vigo.

I had lots of good conversations, but only took notes on a relatively
smaller number of them.  I need to write all of those up.

Due to other conversations, I owe the world a fair number of design
documents and whatnot. In particular, I should write, or help somebody
else write:
   * A replacement for the proposal 117, for how we should transport
IPv6 traffic.  This will be heavily influenced by...
   * A design for how we should implement DNSsec, and other
complicated DNS query types.  (Should do this with Ondrej Mikle, who's
thought about it a lot.)
   * A summary of all our ideas for improving the Tor code.
   * A summary of our issues and needs for project management.
   * A release schedule for Tor 0.2.4.x.
   * An improved design for how exit policy should work
   * An improved design for how families should work

I resolved that I'd been ignoring packages for too long.  I learned
how to build TBB on Linux.  For my next trick, I'll learn how to do it
on OSX or Windows.  I highly recommend that every developer who writes
any component of TBB learn how to build TBB on at least one platform:
we need to be dogfooding our stuff more aggressively end-to-end IMO.

Jake had some neat ideas about how to use ASNs; if he doesn't write
them up soon, I should try to remember what he said so there is some
record of that stuff.

Andrea, Karsten, Andrew, and I started a roadmap of our commitments
for Tor 0.2.4.x at
https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Tor/024 .
That's obviously not a complete feature list: it's just what we've
agreed to do on what timeframe.

I should write up a "how tor likes to use trac" thing for the parts of
Tor I work on, and try to move our useage in that direction.

If I promised you something else, please remind me about it!

Jake and I brainstormed a fair bit about what's needed to actually
make strong anonymous email a reality.  More and more people are
asking me this question.  Not sure if Tor should move this way or not.

I talked with Ian Goldberg for a while about the cell crypto designs
of proposal 202.  We came up with a chaining design we briefly liked
for how to make cell-at-once crypto worked, and then promptly broke
it.  (It turns out that many perfectly good encryption modes don't
work if an adversary is allowed to influence the plaintext of block N
after having seen the ciphertext for blocks 1..N-1.  We remembered
that after about 60 minutes, which is a lot faster than the SSL
designers remembered it about CBC.)  So right now, it's looking as if
something like the "encrypt-and-mac" design -- maybe based on AES-GCM
-- is likelier to be what we have to do if we want to deploy something
in 2012.  Maybe we can come up with something even better for later,
but doing large-block is looking more peril-fraught than I'd
suspected.

For the second half of the month, I tried to recover from travelling,
deal with backlog, and generally recover my sanity.

Coverity had started to complain about our code again; I fixed the
bugs that seemed real, or mostly-real.

There were a bunch of patches to review that had piled up for 0.2.3.x
and 0.2.4.x while I was away.  As usual, reviewing patches, getting
them mergeable, and answering bug reports took a lot of my time.

I spent a while investigating tools and metrics for evaluating code
complexity, and methodologies for making code like ours more testable.

I took a look at proposal 204 (to allow vhosts to work with hidden
services), then wrote proposal 205 (to narrow the scope of client-side
DNS caching).

In preparation for a longer work, Steven Murdoch and I are writing a
blog post (possibly more than one) summarizing the top changes in Tor
since the original Tor design paper in 2004.  I wrote up a first draft
of my half.

I worked for a little bit on some of the possible ways to replace our
use of the maxmind db.  In particular, I looked at the Software77 db a
little bit, and wrote some scripts to check for geoip db overlap.  My
results are at https://trac.torproject.org/projects/tor/ticket/6438 .

Priorities for August are to get all august and september deliverables
completed, to prioritize items for the rest of Tor 0.2.4, and to write
up all the designs mentioned above.

yrs,
--
Nick

More information about the tor-reports mailing list