|
|
@@ -20,14 +20,13 @@ NICK . Handle half-open connections
|
|
|
o Figure out what causes connections to close, standardize
|
|
|
when we mark a connection vs when we tear it down
|
|
|
o Look at what ssl does to keep from mutating data streams
|
|
|
-ARMA - Reduce streamid footprint from 7 bytes to 3 bytes
|
|
|
- - Check for collisions in streamid (now possible with
|
|
|
- just 3 bytes), and back up & replace with padding if so
|
|
|
- - Use the 3 saved bytes to put pseudorandomness in each cell
|
|
|
+ARMA - Reduce streamid footprint from 7 bytes to 2 bytes
|
|
|
+ - Check for collisions in streamid (now possible with
|
|
|
+ just 2 bytes), and back up & replace with padding if so
|
|
|
+ - Use the 3 saved bytes to put pseudorandomness in each relay cell
|
|
|
- Use the 4 reserved bytes in each cell header to keep 1/5
|
|
|
- of a sha1 of the payload
|
|
|
- - (Move these 4 bytes into the stream header)
|
|
|
- - Consider moving length into the stream header too
|
|
|
+ of a sha1 of the relay payload (move into stream header)
|
|
|
+ - Move length into the stream header too
|
|
|
- Spec the stream_id stuff. Clarify that nobody on the backward
|
|
|
stream should look at stream_id.
|
|
|
ARMA . Exit policies
|
|
|
@@ -49,25 +48,36 @@ SPEC!! D Non-clique topologies
|
|
|
o Handle multiple cpu workers (one for each cpu, plus one)
|
|
|
o Queue for pending tasks if all workers full
|
|
|
o Support the 'process this onion' task
|
|
|
- - Support the 'decrypt this RSA blob' handshake1 task
|
|
|
+NICK - Support the 'decrypt this RSA blob' handshake1 task
|
|
|
+ - Merge dnsworkers and cpuworkers to some extent
|
|
|
- Handle cpuworkers dying
|
|
|
D Support later handshake parts
|
|
|
- . Directory servers
|
|
|
- D Automated reputation management
|
|
|
+ o Simple directory servers
|
|
|
o Include key in source; sign directories
|
|
|
o Signed directory backend
|
|
|
o Document
|
|
|
o Integrate
|
|
|
- - Add versions to code
|
|
|
- . Have directories list recommended-versions
|
|
|
+ o Add versions to code
|
|
|
+ o Have directories list recommended-versions
|
|
|
o Include (unused) line in directories
|
|
|
o Check for presence of line.
|
|
|
- - Quit if running the wrong version
|
|
|
- - Command-line option to override quit
|
|
|
- . Add more information to directory server entries
|
|
|
+ o Quit if running the wrong version
|
|
|
+ o Command-line option to override quit
|
|
|
+ o Add more information to directory server entries
|
|
|
o Exit policies
|
|
|
- D jurisdiction? others?
|
|
|
+ - More directory servers
|
|
|
+ - Add in long-term nicknames
|
|
|
+ - Give normal routers signing keys
|
|
|
+ - Let dirservers keep only {nickname, signingkey} in routers.or
|
|
|
+ - dirport needs to accept 'post' requests
|
|
|
+ for routers submitting (signed) new entries
|
|
|
+ - routers submit new entries periodically
|
|
|
+ - dirserver checks signature
|
|
|
+ D client checks signature?
|
|
|
+ D Advanced directory servers
|
|
|
+ D Automated reputation management
|
|
|
SPEC!! D Figure out how to do threshold directory servers
|
|
|
+ D jurisdiction info in dirserver entries? other info?
|
|
|
. Scrubbing proxies
|
|
|
- Find an smtp proxy?
|
|
|
- Check the old smtp proxy code
|
|
|
@@ -79,7 +89,8 @@ SPEC!! D Figure out how to do threshold directory servers
|
|
|
D socks5
|
|
|
SPEC!! - Handle socks commands other than connect, eg, bind?
|
|
|
. Develop rendezvous points
|
|
|
- . Spec (still needs step-by-step instructions)
|
|
|
+ o Design
|
|
|
+ - Spec
|
|
|
- Implement
|
|
|
D Deploy and manage open source development site.
|
|
|
. Documentation
|
|
|
@@ -97,11 +108,9 @@ NICK . Unit tests
|
|
|
. httperf infrastructure (easy to set up)
|
|
|
. oprofile (installed in RH >8.0)
|
|
|
D Deploy a widespread network
|
|
|
- . Router twins
|
|
|
- o Choose twin if primary is down, when laying circuit
|
|
|
- D Load balancing between twins
|
|
|
- - Keep track of load over links/nodes, to
|
|
|
- know who's hosed
|
|
|
+ D Load balancing between router twins
|
|
|
+ D Keep track of load over links/nodes, to
|
|
|
+ know who's hosed
|
|
|
NICK . Daemonize and package
|
|
|
o Teach it to fork and background
|
|
|
- Red Hat spec file
|
|
|
@@ -113,7 +122,7 @@ NICK . Daemonize and package
|
|
|
o BSD
|
|
|
. Solaris
|
|
|
o Cygwin
|
|
|
- . Win32
|
|
|
+ o Win32
|
|
|
o OS X
|
|
|
o openssl randomness
|
|
|
o inet_ntoa
|
|
|
@@ -122,9 +131,9 @@ NICK . Daemonize and package
|
|
|
D Move away from openssl
|
|
|
o Abstract out crypto calls
|
|
|
D Look at nss, others? Just include code?
|
|
|
- . Clearer bandwidth management
|
|
|
- - Do we want to remove bandwidth from OR handshakes?
|
|
|
- - What about OP handshakes?
|
|
|
+ o Clearer bandwidth management
|
|
|
+ o Do we want to remove bandwidth from OR handshakes?
|
|
|
+ o What about OP handshakes?
|
|
|
- More flexibility in node addressing
|
|
|
D Support IPv6 rather than just 4
|
|
|
- Handle multihomed servers (config variable to set IP)
|
Roger Dingledine