[tor-reports] Isis' January 2014

isis isis at torproject.org
Fri Feb 7 23:34:58 UTC 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

*** status report 2013/01
**** Isis' January 2014: Review

In January, after 30C3, I went to Berlin. I began to crew aboard the c-base.
   .
   |
   |
   |
   #
  (=)
   H
   H
   H
   H
   H
   H
   M
   M  berliner fernsehturm
  / \
                _____
             ,-"     "-.
            / o       o \
           /   \     /   \
          /     )-"-(     \
         /     ( 6 6 )     \
        /       \ " /       \
       /         )=(         \
      /   o   .--"-"--.   o   \
     /    I  /  -   -  \  I    \
 .--(    (_}y/\       /\y{_)    )--.
(    ".___l\/__\_____/__\/l___,"    )
 \                                 /
  "-._      o O o O o O o      _,-"
      `--Y--.___________.--Y--'
         | ==.___________.== |
          `==.___________.=='

As far as real work goes, I:

  * tagged and released the first version (0.1.0) of all my BridgeDB refactoring work 
  * set up a staging instance for BridgeDB
  * updated the deployment scripts for both the production and staging servers
  * discussed starting work on "Point-Click-Publish" HS blogging platform
    (Cute Otter) with Tom:
    https://trac.torproject.org/projects/tor/wiki/org/sponsors/Otter/Cute

         .-"""-.
        /      o\
       |    o   0).-.
       |       .-;(_/     .-.
        \     /  /)).---._|  `\   ,
         '.  '  /((       `'-./ _/|
           \  .'  )        .-.;`  /
            '.             |  `\-'
              '._        -'    /
                ``""--`------`

Then, rather hastily and unexpectedly, I was forced to deploy 0.1.0 (and
actually it ended up being 0.1.1 which was deployed), even though it was still
in staging, because the old BridgeDB just stopped working all of a sudden
(#10796). I couldn't find anything more out of order or stranger on that
machine than its usual state of disarray and madness, however, so I am not
sure what caused the hang.


**** Tickets worked on in January 2014:
***** Component: Analysis (1 match)
#10680 Obtain attributes of current public bridges

***** Component: BridgeDB (15 matches)
#1606 Write a BridgeDB spec
#5232 Import bridges into BridgeDB in a separate thread and database transaction
#6127 bridges.tpo runs in development mode
#7207 BridgeHerder: A tool to manage bridges
#9264 Problem with transport lines in BridgeDB's bridge pool assignment files
#9377 Add more unittests for and logging to descriptor parsers
#9380 BridgeDB should use stem for parsing descriptors according to torspec
#9462 BridgeDB networkstatus descriptor parsers need refactoring
#10559 BridgeDB writes `keyid=` before fingerprints
#10723 Create a staging instance for BridgeDB
#10724 Make BridgeDB's use of Stability.addOrUpdateBridgeHistory() configurable
#10725 Write a Completely Spec-Compliant Bridge Descriptor Parser
#10737 POST arguments to bridges.torproject.org are dropped if entering a CAPTCHA fails
#10776 bridges.tpo's uptime could be better
#10796 Bridgedb became unresponsive

***** Component: Firefox Patch Issues (1 match)
#5752 Isolate browser streams by url bar domain rather than by time interval

***** Component: Obfsproxy (1 match)
#10148 Scramblesuit doesn't handle base32 decoded shared secrets properly

***** Component: Pluggable transport (3 matches)
#10671 Pluggable Transports: Improve method of transferring parameters to client-side transports
#10672 Send mail to bridge operators and inform them of pluggable transports

***** Component: Service - git (1 match)
#10615 Please create a torspec.git repo for isis

***** Component: Tor (2 matches)
#9729 Make bridges publish additional ORPort addresses in their descriptor
#10614 pt-spec.txt describes using `keyid=fingerprint` in torrc `Bridge` lines

***** Component: Tor Launcher (2 matches)
#10418 Make a "Use Default Bridges" Radio button in the Tor Launcher Bridge UI
#10384 TorLauncher UI seems to split bridge fingerprints onto a new line

***** Component: Tor bundles/installation (3 matches)
#9444 Create deterministic TorBrowserBundles with Pluggable Transports
#10383 TBB 3.5's OpenSSL was not built with NIST P224 and P256 curve support
#10425 tor's geoip6 file is missing in TBB-3.5 and hardcoded to a gitian-builder path

***** Component: TorBirdy (1 match)
#10762 TorBridy should try both SOCKS port 9050 and 9150

**** In February 2014, I plan to work on:
I'm going to be doing a bit (that means a small amount, since I would rather
work on other things) of redesign of BridgeDB's email and HTTPS interfaces. I
would especially like to make BridgeDB's HTTPS interface friendlier for people
with disabilities, including redesigning the CAPTCHA system. Patches and
suggestions welcome! *No JS allowed!*

I'll be at the Tor developer meeting next week in Iceland.

If I have time, I am going to look into creating a Twitter bot for bridge
distribution. wiretapped also mentioned an idea for a Google Appengine
endpoint for BridgeDB, which I'm curious to hear more about. Both of these
seem like fun projects to hack on with other people, if anyone is looking to
get involved.

I also began an implementation of CL08 randomizable, anonymous credentials. (I
linked to this paper and summarised its potential uses in an earlier status
report.) George Danezis also pointed me at another Camenisch-Lysyanskaya
credential system which does not require pairings in bilinear groups ― I plan
to look more into this as well.

**** Relevant Papers/Research:
Watch all of the 30C3 talks:
http://media.ccc.de/browse/congress/2013/index_1.html

Lysyanskaya, A., Belenkiy, M., Chase, M., & Kohlweiss, M.
  "P-signatures and noninteractive anonymous credentials."
  Theory of Cryptography. Springer Berlin Heidelberg, 2008. 356-374.
  http://www.cosic.esat.kuleuven.be/publications/article-1004.pdf

Has an extremely indepth explanation of how to implement Groth-Sahai proofs
in DLIN and SXDH for NIZKPK of commitments on elements in bilinear groups.

- -- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-----BEGIN PGP SIGNATURE-----

iQMhBAEBCgELBQJS9W2iBYMB4TOAVhSAAAAAACUAKGlzaXMrc2lnbnN1YmtleUBw
YXR0ZXJuc2ludGhldm9pZC5uZXRGQzYzQUE1Q0QxOTM4NjlDMzIzNzE0NUE1QzE3
Nzc2RTI3RjdFODRESxSAAAAAABoAKGlzaXNAcGF0dGVybnNpbnRoZXZvaWQubmV0
MEE2QTU4QTE0QjU5NDZBQkRFMThFMjA3QTNBREI2N0EyQ0RCOEIzNS4aaHR0cHM6
Ly9ibG9nLnBhdHRlcm5zaW50aGV2b2lkLm5ldC9wb2xpY3kudHh0LJhodHRwczov
L2Jsb2cucGF0dGVybnNpbnRoZXZvaWQubmV0L2lzaXMudHh0AAoJEFwXd24n9+hN
bJUP/0uhp99L/g7NQpQJX/6n4qZmiDOCz5J9zEVu8NNmAuExtjde3I3FIgPtogOe
xHKMxDT37m1fnlGYft4k4nZVzs3lJMrAyzwkFjtnrWDp/OeZA1IUqAIrsI3LbFyD
iOP8r8mY5QrMWFjWLtGdEqmU7dLrRjjBwY9+T28DEDt3qmBhnU81OyElMzr478ZT
1iErTxMubxSZXJN+xmXcpE50IGltaRTxbDjD0ci/u4lO5xOMg2QM5YFARM0K1oqm
ehD2KmK6Ip6qoCIh3+R9nVlq5esCdrCiRGA4yRvDMvbE+J/997GUc4+pFkx1dbwA
29TCVbGwoZ6ApwzTWnAVhddeDTYI4xkLSoVTR36fveJns33Q7pY3mzZnCsw4RV5k
PaZx0S/MVjxjv6SmhqtR5lfHwyqqidxUX8UZyPZ5CmfBedbVozecruFb3KsOCHA+
5kuub9zaDipjh1j43/UysQW2c282R6S8MAuDTmkvU8DDB2Xr7qSVI0sbimpUuJW0
eQhVBCzkatcV2sj6cVsWHdf9yUMvoiSCBFRWXXFpWdbO9iefyIXaz9IClq7czUqP
BPfkmnXvWrKUKrjfibmgEy0zQKE+ZpRtacfXE90/W58Sk8dpSaFtqlmr4FwIx7sh
ZrddqEX9e4I0Oj3+kACc4JURvKWRwxmwxULZhbzbG+zIljIr
=0fRy
-----END PGP SIGNATURE-----

More information about the tor-reports mailing list