|
|
@@ -199,94 +199,3 @@ Blue-sky:
|
|
|
streams, at least according to the protocol. But we handle all that
|
|
|
we've seen in the wild.
|
|
|
(Pending a user who needs this)
|
|
|
-
|
|
|
-Volunteer projects: [Phobos moves these to contribute.html]
|
|
|
- - use openssl aes when available
|
|
|
- - do the kernel buffer style design
|
|
|
- - Server instructions for OSX and Windows operators.
|
|
|
- - Improve and clarify the wiki entry on port forwarding.
|
|
|
- - how do ulimits work on win32, anyway? (We should handle WSAENOBUFS as
|
|
|
- needed, look at the MaxConnections registry entry, look at the
|
|
|
- MaxUserPort entry, and look at the TcpTimedWaitDelay entry. We may also
|
|
|
- want to provide a way to set them as needed. See bug 98.)
|
|
|
- - Implement reverse DNS (already specified)
|
|
|
- - It would be nice to have a FirewalledIPs thing that works like
|
|
|
- FirewallPorts.
|
|
|
- - Make configure.in handle cross-compilation
|
|
|
- - Have NULL_REP_IS_ZERO_BYTES default to 1.
|
|
|
- - Make with-ssl-dir disable search for ssl.
|
|
|
- - Packaging, docs, etc:
|
|
|
- - Exit node caching: tie into squid or other caching web proxy.
|
|
|
- - Have clients and dirservers preserve reputation info over
|
|
|
- reboots.
|
|
|
- - Support egd or other non-OS-integrated strong entropy sources
|
|
|
- - password protection for on-disk identity key
|
|
|
- - Possible to get autoconf to easily install things into ~/.tor?
|
|
|
- - server descriptor declares min log level, clients avoid servers
|
|
|
- that are too loggy.
|
|
|
- - Separate node discovery from routing to allow neat extensions. [Goodell?]
|
|
|
- - Add SetServerStatus control event to adjust verified/running status of
|
|
|
- nodes.
|
|
|
- - Add NoDownload config option to prevent regular directory downloads
|
|
|
- from happening.
|
|
|
- - Choosing exit node by meta-data, e.g. country.
|
|
|
- - What info squeaks by Privoxy? Are other scrubbers better?
|
|
|
- - web proxy gateways to let normal people browse hidden services.
|
|
|
- (This has been done a few times, but nobody has sent us code.)
|
|
|
- - Use cpuworker for more heavy lifting.
|
|
|
- - Signing (and verifying) hidserv descriptors
|
|
|
- - Signing (and verifying) intro/rend requests
|
|
|
- - Signing (and verifying) router descriptors
|
|
|
- - Signing (and verifying) directories
|
|
|
- - Doing TLS handshake (this is very hard to separate out, though)
|
|
|
- - Buffer size pool: allocate a maximum size for all buffers, not a maximum
|
|
|
- size for each buffer. So we don't have to give up as quickly (and kill
|
|
|
- the thickpipe!) when there's congestion.
|
|
|
- - Congestion control. Is our current design sufficient once we have heavy
|
|
|
- use? Need to measure and tweak, or maybe overhaul.
|
|
|
- - Add alternative versions of crypto.c and tortls.c to use libnss or
|
|
|
- libgcrypt+gnutls.
|
|
|
- - If we have a trusted directory on port 80, optionally stop falling back
|
|
|
- to forbidden ports when fascistfirewall blocks all good dirservers.
|
|
|
-
|
|
|
-
|
|
|
-Research projects: [Phobos moves these to contribute.html]
|
|
|
- - Arranging membership management for independence.
|
|
|
- Sybil defenses without having a human bottleneck.
|
|
|
- How to gather random sample of nodes.
|
|
|
- How to handle nodelist recommendations.
|
|
|
- Consider incremental switches: a p2p tor with only 50 users has
|
|
|
- different anonymity properties than one with 10k users, and should
|
|
|
- be treated differently.
|
|
|
- - Incentives to relay; incentives to exit.
|
|
|
- - Allowing dissidents to relay through Tor clients.
|
|
|
- - Experiment with mid-latency systems. How do they impact usability,
|
|
|
- how do they impact safety?
|
|
|
- - Understand how powerful fingerprinting attacks are, and experiment
|
|
|
- with ways to foil them (long-range padding?).
|
|
|
- - Come up with practical approximations to picking entry and exit in
|
|
|
- different routing zones.
|
|
|
- - Find ideal churn rate for helper nodes; how safe is it?
|
|
|
- - Attacking freenet-gnunet/timing-delay-randomness-arguments.
|
|
|
- - Is exiting from the middle of the circuit always a bad idea?
|
|
|
- - IPv6 support (For exit addresses)
|
|
|
- - Spec issue: if a resolve returns an IP4 and an IP6 address,
|
|
|
- which to use?
|
|
|
- - Add to exit policy code
|
|
|
- - Make tor_gethostbyname into tor_getaddrinfo
|
|
|
- - Make everything that uses uint32_t as an IP address change to use
|
|
|
- a generalize address struct.
|
|
|
- - Change relay cell types to accept new addresses.
|
|
|
- - Add flag to serverdescs to tell whether IPv6 is supported.
|
|
|
- - patch tsocks with our current patches + gethostbyname, getpeername, etc.
|
|
|
- - make freecap (or whichever) do what we want.
|
|
|
- - scrubbing proxies for protocols other than http.
|
|
|
- - We need better default privoxy configs to ship.
|
|
|
- - We need a good scrubbing HTTP proxy; privoxy is unmaintained and sucky.
|
|
|
- - A DNS proxy would let unmodified socks4/socks5 apps to work well.
|
|
|
- - Add SOCKS support to more applications
|
|
|
- - store hidden service information to disk: dirservers forget service
|
|
|
- descriptors when they restart; nodes offering hidden services forget
|
|
|
- their chosen intro points when they restart.
|
|
|
-
|
|
|
-
|
Andrew Lewman