| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109 |
- Legend:
- SPEC!! - Not specified
- SPEC - Spec not finalized
- NICK - nick claims
- ARMA - arma claims
- - Not done
- * Top priority
- . Partially done
- o Done
- D Deferred
- X Abandoned
- Flag-day changes: (things which are backward incompatible)
- o remove link key from directories, from connection_t.
- (just get it from the tls cert)
- o Generate link keys on startup; don't store them to disk.
- o make onion keys include oaep padding, so you can tell
- if you decrypted it correctly
- o Rotate onion keys as needed
- D Rotate TLS connections [arma]
- o Set expiration times on X509 certs [nickm]
- o add bandwidthrate and bandwidthburst to server descriptor [nickm]
- o directories need to say who signed them. [nickm]
- - remove assumption that 0.0.5 doesn't do rendezvous?
- D what other pieces of the descriptors need to change?
- maybe add a section for who's connected to a given router?
- add a flexible section for reputation info?
- For September:
- - Windows port
- - works as client
- - deal with pollhup / reached_eof on all platforms
- - robust as a client
- - works as server
- - can be configured
- - robust as a server
- - docs for building in win
- - installer?
- - Docs
- - FAQ
- - overview of tor. how does it work, what's it do, pros and
- cons of using it, why should I use it, etc.
- - a howto tutorial with examples
- - tutorial: how to set up your own tor network
- - (need to not hardcore dirservers file in config.c)
- - correct, update, polish spec
- - document the exposed function api?
- - document what we mean by socks.
- - packages
- - rpm
- - find a long-term rpm maintainer
- - code
- - better warn/info messages
- - let tor do resolves.
- - extend socks4 to do resolves?
- - make script to ask tor for resolves
- - tsocks
- - gather patches, submit to maintainer
- - intercept gethostbyname and others, do resolve via tor
- - redesign and thorough code revamp, with particular eye toward:
- - support half-open tcp connections
- - conn key rotation
- - other transports -- http, airhook
- - modular introduction mechanism
- - allow non-clique topology
- Other details and small things:
- . should maybe make clients exit(1) when bad things happen?
- e.g. clock skew.
- - should retry exitpolicy end streams even if the end cell didn't
- resolve the address for you
- - Add '[...truncated]' or similar to truncated log entries (like the directory
- in connection_dir_process_inbuf()).
- . Make logs handle it better when writing to them fails.
- - Dirserver shouldn't put you in running-routers list if you haven't
- uploaded a descriptor recently
- . Refactor: add own routerinfo to routerlist. Right now, only
- router_get_by_nickname knows about 'this router', as a hack to
- get circuit_launch_new to do the right thing.
- Rendezvous service:
- - preemptively build and start rendezvous circs
- - preemptively build n-1 hops of intro circs?
- - cannibalize general circs?
- - fix router_get_by_* functions so they can get ourselves too,
- and audit everything to make sure rend and intro points are
- just as likely to be us as not.
- In the distant future:
- . Scrubbing proxies
- - Find an smtp proxy?
- . Get socks4a support into Mozilla
- - migrate to using IPv6 sizes everywhere
- - handle half-open tcp conns
- - Extend by nickname/hostname/something, not by IP.
- - Need a relay teardown cell, separate from one-way ends.
- - Make it harder to circumvent bandwidth caps: look at number of bytes
- sent across sockets, not number sent inside TLS stream.
- - Look at having smallcells and largecells
- D Advanced directory servers
- D Automated reputation management
- D Figure out how to do threshold directory servers
- D jurisdiction info in dirserver entries? other info?
- X On the fly compression of each stream
|
