r16323@catbus: nickm | 2007-11-01 00:32:12 -0400

Mark some finished items finished, some deferred items deferred, and move some "nice to haves" into "deferred-land."


svn:r12307
Nick Mathewson 2007-11-01 04:38:45 +00:00
parent 2645219b4c
commit 90ce047aae


@ -24,10 +24,10 @@ Things we'd like to do in 0.2.0.x:
o Support for preconfigured mirror lists
o Use a pre-shipped fallback consensus.
o Code to install a pre-defined fallback consensus
. Download consensuses (et al) via if-modified-since
o Download consensuses (et al) via if-modified-since
o Implement backend support for sending if-modified-since
o Use it for consensuses.
- Use it for certificates
D Use it for certificates
o base Guard flag on WFU rather than on MTBF.
o Change guard calculation
o Change dir-spec.txt
@ -57,6 +57,7 @@ Things we'd like to do in 0.2.0.x:
and send netinfo and be "open".
o On netinfo, warn if there's skew from a server.
- Learn our outgoing IP address from netinfo cells?
- Earliest stages of 110 (infinite-length) in v2 protocol.
- TLS only
- Need to get a finished TLS normalization proposal
- Revised authentication.
@ -108,16 +109,16 @@ Things we'd like to do in 0.2.0.x:
of their first test, and then never seeing use.
- Proposals:
. 101: Voting on the Tor Directory System (plus 103)
- Handle badly timed certificates properly.
. Start caching consensus documents once authorities make them;
o 101: Voting on the Tor Directory System (plus 103)
o Handle badly timed certificates properly.
o Start caching consensus documents once authorities make them;
start downloading consensus documents once caches serve
them
o Code to delay next download while fetching certificates to verify
a consensus we already got.
o Code to retry consensus download if we got one we already have.
- Use if-modified-since on consensus download
- Use if-modified-since on certificate download
D Use if-modified-since on consensus download
o Use if-modified-since on certificate download
- Controller support
- GETINFO to get consensus
- Event when new consensus arrives
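Review bot: The if-modified-since markers at the end of this hunk contradict the first hunk of this patch. Here "Use if-modified-since on consensus download" is marked D and "Use if-modified-since on certificate download" is marked o, while the first hunk marks "Use it for consensuses." as o and "Use it for certificates" as D. One of the two places has the markers swapped. Since the first hunk also marks the backend support as o, the likely fix is to swap o and D here, or to drop this duplicate pair so the status is recorded in one place only.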
@ -140,7 +141,7 @@ Things we'd like to do in 0.2.0.x:
o Do TLS rotation less often than "every 10 minutes" in the thrashy case.
D Do TLS connection rotation more often than "once a week" in the
extra-stable case.
- Streamline how we pick entry nodes: Make choose_random_entry() have
D Streamline how we pick entry nodes: Make choose_random_entry() have
less magic and less control logic.
- Refactor networkstatus generation:
- Include "v" line in getinfo values.
@ -185,28 +186,27 @@ R - drop 'authority' queries if they're to our own identity key; accept
- Make BEGIN_DIR mandatory for asking questions of bridge authorities?
- Features (other than bridges):
- Blocking-resistance.
- Write a proposal; make this part of 105.
- Audit how much RAM we're using for buffers and cell pools; try to
trim down a lot.
- Base relative control socket paths on datadir.
- We should ship with a list of stable dir mirrors -- they're not
o We should ship with a list of stable dir mirrors -- they're not
trusted like the authorities, but they'll provide more robustness
and diversity for bootstrapping clients.
- Implement this as a list of routerstatus, like fake_routerstatus in
X Implement this as a list of routerstatus, like fake_routerstatus in
trusted_dir_derver_t?
- Better estimates in the directory of whether servers have good uptime
o Implemented as a fallback networkstatus consensus.
o Better estimates in the directory of whether servers have good uptime
(high expected time to failure) or good guard qualities (high
fractional uptime).
- AKA Track uptime as %-of-time-up, as well as time-since-last-down
o AKA Track uptime as %-of-time-up, as well as time-since-last-down
o Implement tracking
- Make uptime info persist too.
- Base Guard on weighted fractional uptime.
o Make uptime info persist too.
o Base Guard on weighted fractional uptime.
- Make TrackHostExits expire TrackHostExitsExpire seconds after their
*last* use, not their *first* use.
- Limit to 2 dir, 2 OR, N SOCKS connections per IP.
- Or maybe close connections from same IP when we get a lot from one.
- Or maybe block IPs that connect too many times at once.
- Or maybe close connections from same IP when we get a lot from one.
- Or maybe block IPs that connect too many times at once.
- add an AuthDirBadexit torrc option if we decide we want one.
- Testing
@ -241,11 +241,15 @@ P - create a "make win32-bundle" for vidalia-privoxy-tor-torbutton
bundle
Nice-to-have items for 0.2.0.x, time permitting:
- Low-priority bugs:
- we try to build 4 test circuits to break them over different
servers. but sometimes our entry node is the same for multiple
test circuits. this defeats the point.
Deferred from 0.2.0.x:
- Proposals
- 113: Simplifying directory authority administration
- 110: prevent infinite-length circuits (phase one)
. Robust decentralized storage for hidden service descriptors.
(Karsten is working on this; proposal 114.)
- 118: Listen on and advertise multiple ports:
- Tor should be able to have a pool of outgoing IP addresses that it is
able to rotate through. (maybe. Possible overlap with proposal 118.)
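Review bot: Proposal 110 ends up with conflicting status across the file. This hunk lists "110: prevent infinite-length circuits (phase one)" under "Deferred from 0.2.0.x", while the hunk at -57 has "Earliest stages of 110 (infinite-length) in v2 protocol." as an open "-" item in the 0.2.0.x list. If only part of 110 is deferred, say which part in one of the two entries; otherwise mark the earlier entry D so the two sections agree.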
@ -258,7 +262,6 @@ Nice-to-have items for 0.2.0.x, time permitting:
- Most address variables need to become tor_addr_t
- Teach resolving code how to handle ipv6.
- Teach exit policies about ipv6 (consider ipv4/ipv6 interaction!)
- Features
- Let controller set router flags for authority to transmit, and for
client to use.
@ -267,35 +270,16 @@ Nice-to-have items for 0.2.0.x, time permitting:
- Clients should estimate their skew as median of skew from servers
over last N seconds.
- More work on AvoidDiskWrites?
- Features
- Make a TCP DNSPort
- Protocol work
- MAYBE kill stalled circuits rather than stalled connections. This is
possible thanks to cell queues, but we need to consider the anonymity
implications.
- Implement TLS shutdown properly when possible.
- Low-priority bugs:
- we try to build 4 test circuits to break them over different
servers. but sometimes our entry node is the same for multiple
test circuits. this defeats the point.
- Bugs
- If the client's clock is too far in the past, it will drop (or just not
try to get) descriptors, so it'll never build circuits.
- Refactoring:
- Move all status info out of routerinfo into local_routerstatus. Make
"who can change what" in local_routerstatus explicit. Make
local_routerstatus (or equivalent) subsume all places to go for "what
router is this?"
- Build:
- Detect correct version of libraries from autoconf script.
- Documentation:
- Review torrc.sample to make it more discursive.
Deferred from 0.2.0.x:
- Features
- Make a TCP DNSPort
- Refactoring
- Make resolves no longer use edge_connection_t unless they are actually
_on_ a socks connection: have edge_connection_t and (say)
@ -303,6 +287,10 @@ Deferred from 0.2.0.x:
n_streams both be linked lists of edge_stream_t.
- Generate torrc.{complete|sample}.in, tor.1.in, the HTML manual, and the
online config documentation from a single source.
- Move all status info out of routerinfo into local_routerstatus. Make
"who can change what" in local_routerstatus explicit. Make
local_routerstatus (or equivalent) subsume all places to go for "what
router is this?"
- Blocking/scanning-resistance
- It would be potentially helpful to https requests on the OR port by
acting like an HTTPS server.
@ -313,6 +301,8 @@ Deferred from 0.2.0.x:
descriptors we have.
- Some mechanism for specifying that we want to stop using a cached
bridge.
- Build:
- Detect correct version of libraries from autoconf script.
Future versions: