[tor-reports] Isis' January 2014

isis isis at torproject.org
Fri Feb 7 23:34:58 UTC 2014

Hash: SHA512

*** status report 2013/01
**** Isis' January 2014: Review

In January, after 30C3, I went to Berlin. I began to crew aboard the c-base.
   M  berliner fernsehturm
  / \
             ,-"     "-.
            / o       o \
           /   \     /   \
          /     )-"-(     \
         /     ( 6 6 )     \
        /       \ " /       \
       /         )=(         \
      /   o   .--"-"--.   o   \
     /    I  /  -   -  \  I    \
 .--(    (_}y/\       /\y{_)    )--.
(    ".___l\/__\_____/__\/l___,"    )
 \                                 /
  "-._      o O o O o O o      _,-"
         | ==.___________.== |

As far as real work goes, I:

  * tagged and released the first version (0.1.0) of all my BridgeDB refactoring work 
  * set up a staging instance for BridgeDB
  * updated the deployment scripts for both the production and staging servers
  * discussed starting work on "Point-Click-Publish" HS blogging platform
    (Cute Otter) with Tom:

        /      o\
       |    o   0).-.
       |       .-;(_/     .-.
        \     /  /)).---._|  `\   ,
         '.  '  /((       `'-./ _/|
           \  .'  )        .-.;`  /
            '.             |  `\-'
              '._        -'    /

Then, rather hastily and unexpectedly, I was forced to deploy 0.1.0 (and
actually it ended up being 0.1.1 which was deployed), even though it was still
in staging, because the old BridgeDB just stopped working all of a sudden
(#10796). I couldn't find anything more out of order or stranger on that
machine than its usual state of disarray and madness, however, so I am not
sure what caused the hang.

**** Tickets worked on in January 2014:
***** Component: Analysis (1 match)
#10680 Obtain attributes of current public bridges

***** Component: BridgeDB (15 matches)
#1606 Write a BridgeDB spec
#5232 Import bridges into BridgeDB in a separate thread and database transaction
#6127 bridges.tpo runs in development mode
#7207 BridgeHerder: A tool to manage bridges
#9264 Problem with transport lines in BridgeDB's bridge pool assignment files
#9377 Add more unittests for and logging to descriptor parsers
#9380 BridgeDB should use stem for parsing descriptors according to torspec
#9462 BridgeDB networkstatus descriptor parsers need refactoring
#10559 BridgeDB writes `keyid=` before fingerprints
#10723 Create a staging instance for BridgeDB
#10724 Make BridgeDB's use of Stability.addOrUpdateBridgeHistory() configurable
#10725 Write a Completely Spec-Compliant Bridge Descriptor Parser
#10737 POST arguments to bridges.torproject.org are dropped if entering a CAPTCHA fails
#10776 bridges.tpo's uptime could be better
#10796 Bridgedb became unresponsive

***** Component: Firefox Patch Issues (1 match)
#5752 Isolate browser streams by url bar domain rather than by time interval

***** Component: Obfsproxy (1 match)
#10148 Scramblesuit doesn't handle base32 decoded shared secrets properly

***** Component: Pluggable transport (3 matches)
#10671 Pluggable Transports: Improve method of transferring parameters to client-side transports
#10672 Send mail to bridge operators and inform them of pluggable transports

***** Component: Service - git (1 match)
#10615 Please create a torspec.git repo for isis

***** Component: Tor (2 matches)
#9729 Make bridges publish additional ORPort addresses in their descriptor
#10614 pt-spec.txt describes using `keyid=fingerprint` in torrc `Bridge` lines

***** Component: Tor Launcher (2 matches)
#10418 Make a "Use Default Bridges" Radio button in the Tor Launcher Bridge UI
#10384 TorLauncher UI seems to split bridge fingerprints onto a new line

***** Component: Tor bundles/installation (3 matches)
#9444 Create deterministic TorBrowserBundles with Pluggable Transports
#10383 TBB 3.5's OpenSSL was not built with NIST P224 and P256 curve support
#10425 tor's geoip6 file is missing in TBB-3.5 and hardcoded to a gitian-builder path

***** Component: TorBirdy (1 match)
#10762 TorBridy should try both SOCKS port 9050 and 9150

**** In February 2014, I plan to work on:
I'm going to be doing a bit (that means a small amount, since I would rather
work on other things) of redesign of BridgeDB's email and HTTPS interfaces. I
would especially like to make BridgeDB's HTTPS interface friendlier for people
with disabilities, including redesigning the CAPTCHA system. Patches and
suggestions welcome! *No JS allowed!*

I'll be at the Tor developer meeting next week in Iceland.

If I have time, I am going to look into creating a Twitter bot for bridge
distribution. wiretapped also mentioned an idea for a Google Appengine
endpoint for BridgeDB, which I'm curious to hear more about. Both of these
seem like fun projects to hack on with other people, if anyone is looking to
get involved.

I also began an implementation of CL08 randomizable, anonymous credentials. (I
linked to this paper and summarised its potential uses in an earlier status
report.) George Danezis also pointed me at another Camenisch-Lysyanskaya
credential system which does not require pairings in bilinear groups ― I plan
to look more into this as well.

**** Relevant Papers/Research:
Watch all of the 30C3 talks:

Lysyanskaya, A., Belenkiy, M., Chase, M., & Kohlweiss, M.
  "P-signatures and noninteractive anonymous credentials."
  Theory of Cryptography. Springer Berlin Heidelberg, 2008. 356-374.

Has an extremely indepth explanation of how to implement Groth-Sahai proofs
in DLIN and SXDH for NIZKPK of commitments on elements in bilinear groups.

- -- 
 ♥Ⓐ isis agora lovecruft
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt


More information about the tor-reports mailing list