[tor-commits] [translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties
commit 5e38353f61d45d7c4e718deb66699fc75cb3f415 Author: Translation commit botDate: Sat Sep 26 05:45:54 2015 + Update translations for torbutton-torbuttonproperties --- he/torbutton.properties | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/he/torbutton.properties b/he/torbutton.properties index dd21931..fbeab66 100644 --- a/he/torbutton.properties +++ b/he/torbutton.properties @@ -14,11 +14,11 @@ torbutton.panel.plugins.disabled = ×××¥ ××פע×ת ת×ספ×× torbutton.panel.plugins.enabled = ×××¥ ×××××× ×ª×ספ×× torbutton.panel.label.disabled = Tor ××××× torbutton.panel.label.enabled = Tor פ××¢× -extensions.torbut...@torproject.org.description = Torbutton provides a button to configure Tor settings and quickly and easily clear private browsing data. -torbutton.popup.history.warning = Torbutton ××¡× ×¤×¢×××ת ×××× ×©× ××¢× ×××¦× ××ר ×©× Tor.\n\nפע××× ×× × ××¢×× ×עק××£ ×ת ×××××× 409737 ×-417869 ×פ××רפ×קס.\n\n×× ××××¢× ×× × ×¨××ת ××× ×× ×¡×××, ×ת×× ×©××× ××תר×× ×× ×¡× ×××¢×× ×ת עצ×× ×××ש ×רקע, ×פע××× ×× × ×ס××.\n\n××× ×××¢×× ×××ש ×תר ××¢×רת Tor, ×××¥ ×¢× ×× ×ר ×ש×רת ××ת××ת ש××.\n\n -torbutton.popup.plugin.warning = Torbutton ××¡× ××¢×× × ×©× ×ª××× ×ª×ספ××.\n\n×× × ×שת×ש ××פשר×ת "ש××ר ×ש×" ××ק××.\n\n -torbutton.popup.confirm_ca_certs = ×ערת Torbutton: × ×¨×× ×©××× ×× ×¨×©×××ת ××ש×ר×× ××ת×××× ××ש×ת. ×××× ×ª רש××ת ×רש×××ת ××× ×¤×¢××× ××××ת ×שר ××××× ×ת Tor. ××× ××ª× ×¨××¦× ×××× ×ת ×××××× ×©× ×ª×¢×××ת ××ס×××ת? (×× ××ª× ×× ×××× ×× ×ת ××, ×× ×××× ×××××¥ ×¢× ××ש×ר) -torbutton.popup.ff3.warning = ×××ר×!\n\nTorbutton ××פ××¤× Firefox 3 ××××¢ ××××פת ××××¢ ××××ת ×××ר ××× ××¨× Tor.\n\n××× ×רצ×× × ×××ש×× ××ר×ת ××ת? +extensions.torbut...@torproject.org.description = Torbutton ×ספק ×× ×פת×ר ×××××¨× × ××× ×©× Tor ××× ×ק××× ×××ר ×©× × ×ª×× × ×××××©× ×פר×××× ×©××. +torbutton.popup.history.warning = Torbutton ××¡× ×¤×¢×××ת ×××× ×©× ××¢× ×××¦× ××ר ×©× Tor.\n\nפע××× ×× × ××¢×× ××××ר ×¢× ××××× 409737 ×-417869 ×פ××רפ×קס.\n\n×× ××××¢× ×× ×¦×¦× ××× ×¡××× × ×¨××ת ××¢××, ××ת×× ×©××× ××תר×× × ××¡× ××¨×¢× × ×ת עצ×× ×רקע, ×פע××× ×× × ×ס××.\n\n××× ××¨×¢× × ×תר ×××¦× Tor ×× ×××× , ×××¥ ×¢× ×קש Enter ××ק××ת ×עת ש×ס×× ××××× ×ש×רת ××ת××ת ××פ×פ×.\n\n +torbutton.popup.plugin.warning = Torbutton ××¡× ××¢×× × ×ש××¨× ×©× ×ª××× ×ª×ספ××.\n\n×× × ×שת×ש ××פשר×ת "ש××ר ×ש×" ××ק×× ××ת.\n\n +torbutton.popup.confirm_ca_certs = ×ערת Torbutton: × ×¨×× ×©××× ×× ×¨×©×××ת ××ש×ר×× ××ת×××ת ××ש×ת. ×××× ×ª רש××ת ×רש×××ת ××× ×¤×¢××× ××××ת ×שר ××××× ×ת Tor. ××× ××ª× ×¨××¦× ×××× ×ת ×××××× ×©× ××ש××¨× ×¨×©×××ת ×××ש×ר××? (×× ××× × ×××× ××××¢× ××, ת××× ×××××¥ ×¢× ××ש×ר ××× ×שש) +torbutton.popup.ff3.warning = ×××ר×!\n\nTorbutton ××פ××¤× Firefox 3 ×××××£ ××××××ת ×ת × ×ª×× × ×××ר ×××× ××ס××× ××ת ××××ת ש××.\n\n××× ×רצ×× × ×××ש×× ××× ××ת? torbutton.popup.toggle.warning = ×¢××× ××פע×× ×× ××ת×× ×ת Tor ×¢× ×× ×ª ש××××ר×ת ××× ×¡× ×ת×קפ×. torbutton.popup.test.success = ×××קת ×פר××§×¡× ×©× Tor ×¢××¨× ××צ×××! torbutton.popup.test.failure = ×××קת ×פר××§×¡× ×©× Tor × ×ש××! ×××ק ×ת ×××ר×ת ×פר××§×¡× ×-Polipo. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-branddtd_completed] Update translations for torbutton-branddtd_completed
commit 0188902db93f530567e86b2e85b2977c1f3ebedb Author: Translation commit botDate: Sat Sep 26 05:45:48 2015 + Update translations for torbutton-branddtd_completed --- he/brand.dtd |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/he/brand.dtd b/he/brand.dtd index 37414dd..53a93bb 100644 --- a/he/brand.dtd +++ b/he/brand.dtd @@ -11,5 +11,5 @@ - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-branddtd] Update translations for torbutton-branddtd
commit 58cf13fbebdb5d15392130c00616462cb15d5f5b Author: Translation commit botDate: Sat Sep 26 05:45:45 2015 + Update translations for torbutton-branddtd --- he/brand.dtd |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/he/brand.dtd b/he/brand.dtd index 37414dd..53a93bb 100644 --- a/he/brand.dtd +++ b/he/brand.dtd @@ -11,5 +11,5 @@ - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torcheck_completed] Update translations for torcheck_completed
commit a37d5aaf9d14b7d6fa31d1450d00da71d098b6e4 Author: Translation commit botDate: Sat Sep 26 05:15:12 2015 + Update translations for torcheck_completed --- he/torcheck.po |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/he/torcheck.po b/he/torcheck.po index 1e4ad5f..6ae0b0f 100644 --- a/he/torcheck.po +++ b/he/torcheck.po @@ -12,7 +12,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2015-09-24 05:54+\n" +"PO-Revision-Date: 2015-09-26 05:12+\n" "Last-Translator: Johnny Diralenzo\n" "Language-Team: Hebrew (http://www.transifex.com/otf/torproject/language/he/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torcheck] Update translations for torcheck
commit c0061a2a3868e347312fe69b4e4df2f7ea2f21f7 Author: Translation commit botDate: Sat Sep 26 05:15:09 2015 + Update translations for torcheck --- he/torcheck.po |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/he/torcheck.po b/he/torcheck.po index 1e4ad5f..6ae0b0f 100644 --- a/he/torcheck.po +++ b/he/torcheck.po @@ -12,7 +12,7 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2015-09-24 05:54+\n" +"PO-Revision-Date: 2015-09-26 05:12+\n" "Last-Translator: Johnny Diralenzo\n" "Language-Team: Hebrew (http://www.transifex.com/otf/torproject/language/he/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere] Update translations for https_everywhere
commit ab978d568357fe613a737239a77ddd65fcf0eef4 Author: Translation commit botDate: Sat Sep 26 04:45:15 2015 + Update translations for https_everywhere --- he/ssl-observatory.dtd | 36 ++-- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd index 28e28e6..3c6e552 100644 --- a/he/ssl-observatory.dtd +++ b/he/ssl-observatory.dtd @@ -3,9 +3,9 @@ - + +"××× ×רצ×× × ×©-HTTPS ××× ×ק×× ×סת×××¢ ××××ר ×תע×××ת ××ק×××?"> +"×פשר×ת ×× ××××× ×ש×××ש, ××× ×× ×× ××ª× ×שת×ש ×רשת ת×××××ת פ×××©× ×ת ××××:"> +"××× ×¡×× ×, ××× ×× ×× ××ª× ×שת×ש ×רשת ת×××××ת ס×××¨× ×©×©××ת שרת×× ×¡×××××:"> +"ש×× ×××××§× ×× ××ש×ר ×©× ××ª× ×¢× ××× ×¨×©×ת ××ש×ר×× ×¢×××× × ×× ×ª×§× ×ת"> - + +"×צע ×ת ×××× ××××ת ×××ש×ר×× ××¨× ×רשת ×©× Tor ×¢× ×× ×ª ×ש××ר ×¢× ×¤×¨××××ª× (××××× ×©×××ש ×-Tor)."> +"×פשר×ת ××ת ×ª×¤×¢× ×¨×§ ×××§×¨× ×©-Tor ××ר ×××ª×§× ×××פע×."> +"×שתר×× ××ש×ר ××ש, ×¢××× ×ת ×××ר ×××ש×ר×× ××ק××× ××××ת ספק ×××× ××¨× × ×©××"> +"×× ××××ר ××ש×× ×ת ×ספר ××ער×ת ×××××× ××× ×©× ×רשת ש××. ××ר ×× ××¢××ר ×× × ×××§× ×תקפ×ת ×¢× HTTPS ××ק××¢ ××× × ×§×× ××××××× ×רשת×ת ××ק×××ת ××× ××ר×× ×ס×ר×× ×©××× ×תקפ×ת ש×××× ×©××××ת ××ס×ת."> +"×× ××××ק ×ת ×תע×××ת שת×ש××× × ×× ××× ×¨×©××ת ×××ש×ר×× ××××××××. ××¦×¢×¨× × ××¨× ××× × × ×××××× ××ת×××× ×©× ×תר ×× ×ª×¢××× ×©×¤× ×ª×קפ×, ×× ×× ××× ××ת ת××¦× ××ª×¨×¢× ××©× × ×¡×××× ×¡××ר ש×ש×× ×שת×ש."> +"HTTPS ××× ×ק×× ×××× ××שת×ש ××××ר ×××ש×ר×× ××ק××× ×©× EFF. ×× ×ª×¤×¢×× ×פשר×ת ×× ××× ×ª××× ×ת×צ××ת ××××ת: +(1) ××ש××× ×¢×תק×× ×××ש××¨× HTTPS ××××ר, ××× ××¢××ר ×× × ××××¨× ×תקפ×ת ××× ×××צע ××שפר ×ת ××××ת ×רשת; ×-(2) × ××× ××תר××¢ ××¤× ×× ×¢× ××××ר×× ×× ×××××××× ××¢× ×תקפ×ת ×¢× ××פ××¤× ×©××."> https://www.something.com, ×××ש×ר ש×תק×× ×¢× ××× ×××¦×¤× ×צ××× ×©××ש×× ××קר × www.something.com, ××× ×× ×× ××קר ××תר, ×× ×¢× ×××× ×¢××× ×¡×¤×¦××¤× ×× ×סת×××. תע××ר ×¢× ××¢××ר ×¢× ××פשר×××ת ×ש××× ×¤×¨××× × ×ספ××:"> +"××××××, ××שר ××ª× ××קר ×- https://www.something.com, ×××ש×ר ש×תק×× ×צ×× × ××××ר ××¢×× ×¢× ×× ×©××ש×× ××קר ×- www.something.com, ×× ××× ×¤×¨××× ×¢× ×××ת ×××קר ×× ×¢× ××¢××××× ×ספצ×פ××× ××××× ××ש. ×¢××ר ×¢× ×¡×× ××¢××ר ×¢× ××פשר×××ת ×ק××ת פר××× × ×ספ××:"> +"×××ק ××ש×ר×× ×× ×ש××× × ××××ר ×רשת Tor"> +"××× × × ×©×ª×× ×ש××ר ×¢× ×¤×¨×××ת ×× ×ª×× ××, ××× ×פשר×ת ××ת ××××× ×¤××ת"> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere] Update translations for https_everywhere
commit 7b0ec0d1b511809cf7739d2010220bdd6a6035e8 Author: Translation commit botDate: Sat Sep 26 04:15:16 2015 + Update translations for https_everywhere --- he/https-everywhere.dtd| 34 +- he/https-everywhere.properties |6 +++--- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/he/https-everywhere.dtd b/he/https-everywhere.dtd index e750dc1..7b7e540 100644 --- a/he/https-everywhere.dtd +++ b/he/https-everywhere.dtd @@ -1,36 +1,36 @@ - - - + + + - + - + - - + + - + - + - + - + @@ -38,13 +38,13 @@ - - + + - - - + + + - + diff --git a/he/https-everywhere.properties b/he/https-everywhere.properties index c1c604f..ae26949 100644 --- a/he/https-everywhere.properties +++ b/he/https-everywhere.properties @@ -1,8 +1,8 @@ https-everywhere.menu.globalEnable = ××פע×× ×ת HTTPS Everywhere -https-everywhere.menu.globalDisable = ××ש××ת ×ת HTTPS Everywhere +https-everywhere.menu.globalDisable = ××ש××ת ×ת "HTTPS ××× ×ק××" https-everywhere.menu.enableDisable = ××פע××/××ש××ת ××××× https-everywhere.menu.noRules = (××× ××××× ×¢××ר ××£ ××) https-everywhere.menu.unknownRules = (××××× ×××£ ×× ××× × ××××¢××) -https-everywhere.toolbar.hint = âHTTPS Everywhere ×××¤×¢× ×עת. ××פשר××ª× ××××××£ ×ת ××¦× ×¤×¢××××ª× ×¢× ×ס×ס ×©× ×¦××¨× ×ש×תפת ×¢× ××× ×ק××§× ×¢× ×ס×× ×שר ×ת×× ×©×רת ××ת××ת. -https-everywhere.migration.notification0 = ××× ××××©× ×ª×ק×× ×××× ×, ×¢×××× ×× ××פס ×ת ×××× ××¢×פ×ת ×©× HTTPS ××× ×ק×× ×ער×× ×ר×רת ××××× ×©×××. +https-everywhere.toolbar.hint = â"HTTPS ××× ×ק××" פ××¢× ×עת. ××פשר××ª× ××ת××× ×ת ××¦× ×¤×¢××××ª× ××× ×תר ×× ×¤×¨× ×¢× ××× ××××¦× ×¢× ×צ×××ת ש×ת×× ×©×רת ××ת××ת. +https-everywhere.migration.notification0 = ××× ××ª×§× ×ª×§×× ×××ר×, ×¢×××× ×× ××פס ×ת ×× ×××× "HTTPS ××× ×ק××" ×ער×× ×ר×רת ××××× ×©×××. https-everywhere.menu.ruleset-tests = ××¤×¢× HTTPS ××× ×ק×× ×××ק×ת Ruleset ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed
commit 5352525512b669851931f7dafcb1c95ab70ad6cc Author: Translation commit botDate: Sat Sep 26 04:45:21 2015 + Update translations for https_everywhere_completed --- he/ssl-observatory.dtd | 38 +++--- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd index 28e28e6..c4794b1 100644 --- a/he/ssl-observatory.dtd +++ b/he/ssl-observatory.dtd @@ -3,9 +3,9 @@ - + +"××× ×רצ×× × ×©-HTTPS ××× ×ק×× ×סת×××¢ ××××ר ×תע×××ת ××ק×××?"> +"×פשר×ת ×× ××××× ×ש×××ש, ××× ×× ×× ××ª× ×שת×ש ×רשת ת×××××ת פ×××©× ×ת ××××:"> +"××× ×¡×× ×, ××× ×× ×× ××ª× ×שת×ש ×רשת ת×××××ת ס×××¨× ×©×©××ת שרת×× ×¡×××××:"> +"ש×× ×××××§× ×× ××ש×ר ×©× ××ª× ×¢× ××× ×¨×©×ת ××ש×ר×× ×¢×××× × ×× ×ª×§× ×ת"> - + +"×צע ×ת ×××× ××××ת ×××ש×ר×× ××¨× ×רשת ×©× Tor ×¢× ×× ×ª ×ש××ר ×¢× ×¤×¨××××ª× (××××× ×©×××ש ×-Tor)."> +"×פשר×ת ××ת ×ª×¤×¢× ×¨×§ ×××§×¨× ×©-Tor ××ר ×××ª×§× ×××פע×."> +"×שתר×× ××ש×ר ××ש, ×¢××× ×ת ×××ר ×××ש×ר×× ××ק××× ××××ת ספק ×××× ××¨× × ×©××"> +"×× ××××ר ××ש×× ×ת ×ספר ××ער×ת ×××××× ××× ×©× ×רשת ש××. ××ר ×× ××¢××ר ×× × ×××§× ×תקפ×ת ×¢× HTTPS ××ק××¢ ××× × ×§×× ××××××× ×רשת×ת ××ק×××ת ××× ××ר×× ×ס×ר×× ×©××× ×תקפ×ת ש×××× ×©××××ת ××ס×ת."> +"×× ××××ק ×ת ×תע×××ת שת×ש××× × ×× ××× ×¨×©××ת ×××ש×ר×× ××××××××. ××¦×¢×¨× × ××¨× ××× × × ×××××× ××ת×××× ×©× ×תר ×× ×ª×¢××× ×©×¤× ×ª×קפ×, ×× ×× ××× ××ת ת××¦× ××ª×¨×¢× ××©× × ×¡×××× ×¡××ר ש×ש×× ×שת×ש."> +"HTTPS ××× ×ק×× ×××× ××שת×ש ××××ר ×××ש×ר×× ××ק××× ×©× EFF. ×× ×ª×¤×¢×× ×פשר×ת ×× ××× ×ª××× ×ת×צ××ת ××××ת: +(1) ××ש××× ×¢×תק×× ×××ש××¨× HTTPS ××××ר, ××× ××¢××ר ×× × ××××¨× ×תקפ×ת ××× ×××צע ××שפר ×ת ××××ת ×רשת; ×-(2) × ××× ××תר××¢ ××¤× ×× ×¢× ××××ר×× ×× ×××××××× ××¢× ×תקפ×ת ×¢× ××פ××¤× ×©××."> https://www.something.com, ×××ש×ר ש×תק×× ×¢× ××× ×××¦×¤× ×צ××× ×©××ש×× ××קר × www.something.com, ××× ×× ×× ××קר ××תר, ×× ×¢× ×××× ×¢××× ×¡×¤×¦××¤× ×× ×סת×××. תע××ר ×¢× ××¢××ר ×¢× ××פשר×××ת ×ש××× ×¤×¨××× × ×ספ××:"> +"××××××, ××שר ××ª× ××קר ×- https://www.something.com, ×××ש×ר ש×תק×× ×צ×× × ××××ר ××¢×× ×¢× ×× ×©××ש×× ××קר ×- www.something.com, ×× ××× ×¤×¨××× ×¢× ×××ת ×××קר ×× ×¢× ××¢××××× ×ספצ×פ××× ××××× ××ש. ×¢××ר ×¢× ×¡×× ××¢××ר ×¢× ××פשר×××ת ×ק××ת פר××× × ×ספ××:"> +"×××ק ××ש×ר×× ×× ×ש××× × ××××ר ×רשת Tor"> +"××× × × ×©×ª×× ×ש××ר ×¢× ×¤×¨×××ת ×× ×ª×× ××, ××× ×פשר×ת ××ת ××××× ×¤××ת"> +"ש×× ×××××§× ××ש×ר×× ×¢××ר ש××ת ×ת×× ×©××× × × ××ת ××××"> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/abouttor-homepage_completed] Update translations for abouttor-homepage_completed
commit b8415a512254142a32efa13d2384203c490bb064 Author: Translation commit botDate: Sat Sep 26 05:16:01 2015 + Update translations for abouttor-homepage_completed --- he/aboutTor.dtd | 20 ++-- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/he/aboutTor.dtd b/he/aboutTor.dtd index e6fcce3..5b534a2 100644 --- a/he/aboutTor.dtd +++ b/he/aboutTor.dtd @@ -8,7 +8,7 @@ - + @@ -30,20 +30,20 @@ - + - - + + https://www.torproject.org/download/download.html.en#warning;> - - + + https://www.torproject.org/docs/tor-doc-relay.html.en;> - + https://www.torproject.org/getinvolved/volunteer.html.en;> - + https://www.torproject.org/donate/donate.html.en;> - - + + https://www.torproject.org/about/overview.html.en;> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed
commit 145258529bc9bdf83523e4e30f996e7a3df2d31a Author: Translation commit botDate: Sat Sep 26 05:15:30 2015 + Update translations for https_everywhere_completed --- he/ssl-observatory.dtd | 32 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd index c4794b1..bc41680 100644 --- a/he/ssl-observatory.dtd +++ b/he/ssl-observatory.dtd @@ -4,8 +4,8 @@ +× ×× ××פ××¤× ×©×× ×¢× ××פ×ש ××ש××¨× ××××× ××תק×××× ××תר×× ×ת×× + ×××ר ×××ש×ר×× ××ק×××. ××פע××?"> +"××× ×רצ×× × ×©-HTTPS ××× ×ק×× ×סת×××¢ ××××ר ×××ש×ר×× ××ק×××?"> @@ -44,10 +44,10 @@ to turn it on?">--> "×× ××××ר ××ש×× ×ת ×ספר ××ער×ת ×××××× ××× ×©× ×רשת ש××. ××ר ×× ××¢××ר ×× × ×××§× ×תקפ×ת ×¢× HTTPS ××ק××¢ ××× × ×§×× ××××××× ×רשת×ת ××ק×××ת ××× ××ר×× ×ס×ר×× ×©××× ×תקפ×ת ש×××× ×©××××ת ××ס×ת."> +"××¦× ××ª×¨×¢× ××שר ×××ר ×××ש×ר×× ×××× ××ש×ר שת××§×¤× ×¤× ×××× ×©××פ××¤× ×××× ××ת."> +"×× ××××ק ×ת ×××ש×ר×× ×©××ש××× ×× ××× ×¨×©××ת ×××ש×ר×× ××××××××. ××¦×¢×¨× × ××¨× ××× × × ×××××× ××ת×××× ×©× ×תר ×× ××ש×ר שת××§×¤× ×¤×, ×× ×× ××× ××ת ת××¦× ××ª×¨×¢× ××©× × ×¡×××× ×¡××ר ש×ש×× ×שת×ש."> @@ -76,20 +76,20 @@ Mouseover the options for further details:">--> "ש×× ×××××§× ××ש×ר×× ×¢××ר ש××ת ×ת×× ×©××× × × ××ת ××××"> +"××× ×× ×פשר×ת ××ת ס××× ×, ××××ר ×× ×ש××ר ××ש×ר×× ×¢××ר ש××ת ×ת×× ×©××× × ××פ××¢×× ×××××¨× ×©××ת ××ת×× ×צ×××ר×××"> - + - + - - - - - - + + + + + + +"ש×× ×××××§× ××ש×ר×× ×ת×××× ×¢×¦××ת"> +"×פשר×ת ×× ××××צת; ××¢××ת ××¦×¤× × × ×¤×צ×ת ×××××× ××§×¨× ×ער××ת ×ש××צ×ת ×××©× ××שת×ש×ת ×××ש××¨× ××××× ×ת×××× ×¢×¦××ת"> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/https_everywhere] Update translations for https_everywhere
commit c36fcb7b46e08fb04bef26ae51307c93079503a4 Author: Translation commit botDate: Sat Sep 26 05:15:21 2015 + Update translations for https_everywhere --- he/ssl-observatory.dtd | 34 +- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd index 3c6e552..bc41680 100644 --- a/he/ssl-observatory.dtd +++ b/he/ssl-observatory.dtd @@ -4,8 +4,8 @@ +× ×× ××פ××¤× ×©×× ×¢× ××פ×ש ××ש××¨× ××××× ××תק×××× ××תר×× ×ת×× + ×××ר ×××ש×ר×× ××ק×××. ××פע××?"> +"××× ×רצ×× × ×©-HTTPS ××× ×ק×× ×סת×××¢ ××××ר ×××ש×ר×× ××ק×××?"> @@ -44,10 +44,10 @@ to turn it on?">--> "×× ××××ר ××ש×× ×ת ×ספר ××ער×ת ×××××× ××× ×©× ×רשת ש××. ××ר ×× ××¢××ר ×× × ×××§× ×תקפ×ת ×¢× HTTPS ××ק××¢ ××× × ×§×× ××××××× ×רשת×ת ××ק×××ת ××× ××ר×× ×ס×ר×× ×©××× ×תקפ×ת ש×××× ×©××××ת ××ס×ת."> +"××¦× ××ª×¨×¢× ××שר ×××ר ×××ש×ר×× ×××× ××ש×ר שת××§×¤× ×¤× ×××× ×©××פ××¤× ×××× ××ת."> +"×× ××××ק ×ת ×××ש×ר×× ×©××ש××× ×× ××× ×¨×©××ת ×××ש×ר×× ××××××××. ××¦×¢×¨× × ××¨× ××× × × ×××××× ××ת×××× ×©× ×תר ×× ××ש×ר שת××§×¤× ×¤×, ×× ×× ××× ××ת ת××¦× ××ª×¨×¢× ××©× × ×¡×××× ×¡××ר ש×ש×× ×שת×ש."> @@ -73,23 +73,23 @@ Mouseover the options for further details:">--> "××× × × ×©×ª×× ×ש××ר ×¢× ×¤×¨×××ת ×× ×ª×× ××, ××× ×פשר×ת ××ת ××××× ×¤××ת"> +"ש×× ×××××§× ××ש×ר×× ×¢××ר ש××ת ×ת×× ×©××× × × ××ת ××××"> +"××× ×× ×פשר×ת ××ת ס××× ×, ××××ר ×× ×ש××ר ××ש×ר×× ×¢××ר ש××ת ×ת×× ×©××× × ××פ××¢×× ×××××¨× ×©××ת ××ת×× ×צ×××ר×××"> - + - + - - - - - - + + + + + + +"ש×× ×××××§× ××ש×ר×× ×ת×××× ×¢×¦××ת"> +"×פשר×ת ×× ××××צת; ××¢××ת ××¦×¤× × × ×¤×צ×ת ×××××× ××§×¨× ×ער××ת ×ש××צ×ת ×××©× ××שת×ש×ת ×××ש××¨× ××××× ×ת×××× ×¢×¦××ת"> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/abouttor-homepage] Update translations for abouttor-homepage
commit 413685127b36348e27d32845af8f24c975ccb2d6 Author: Translation commit botDate: Sat Sep 26 05:15:57 2015 + Update translations for abouttor-homepage --- he/aboutTor.dtd | 20 ++-- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/he/aboutTor.dtd b/he/aboutTor.dtd index e6fcce3..5b534a2 100644 --- a/he/aboutTor.dtd +++ b/he/aboutTor.dtd @@ -8,7 +8,7 @@ - + @@ -30,20 +30,20 @@ - + - - + + https://www.torproject.org/download/download.html.en#warning;> - - + + https://www.torproject.org/docs/tor-doc-relay.html.en;> - + https://www.torproject.org/getinvolved/volunteer.html.en;> - + https://www.torproject.org/donate/donate.html.en;> - - + + https://www.torproject.org/about/overview.html.en;> ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-aboutdialogdtd] Update translations for torbutton-aboutdialogdtd
commit f40225865a0ecbb65d6e014cf20b4e6196832b87 Author: Translation commit botDate: Sat Sep 26 05:16:24 2015 + Update translations for torbutton-aboutdialogdtd --- he/aboutdialog.dtd |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/he/aboutdialog.dtd b/he/aboutdialog.dtd index 097a3be..e39a7e5 100644 --- a/he/aboutdialog.dtd +++ b/he/aboutdialog.dtd @@ -1,11 +1,11 @@ - + - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-aboutdialogdtd_completed] Update translations for torbutton-aboutdialogdtd_completed
commit 7cff42829e106fbd782a7594a09016e87c8d9367 Author: Translation commit botDate: Sat Sep 26 05:16:27 2015 + Update translations for torbutton-aboutdialogdtd_completed --- he/aboutdialog.dtd |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/he/aboutdialog.dtd b/he/aboutdialog.dtd index 097a3be..e39a7e5 100644 --- a/he/aboutdialog.dtd +++ b/he/aboutdialog.dtd @@ -1,11 +1,11 @@ - + - + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] bump dev version to 0.2.7.3-rc
commit 18f8c87a14757f52e32e06d9a1a59a01cb95c8ea Author: Nick MathewsonDate: Fri Sep 25 12:29:02 2015 -0400 bump dev version to 0.2.7.3-rc --- Makefile |2 +- include/versions.wmi |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 0ddf8e6..d949bdf 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ # website component, and set it to needs_review. export STABLETAG=tor-0.2.6.10 -export DEVTAG=tor-0.2.7.2-alpha +export DEVTAG=tor-0.2.7.3-rc WMLBASE=. SUBDIRS=docs eff projects press about download getinvolved donate docs/torbutton diff --git a/include/versions.wmi b/include/versions.wmi index 1ee5d43..8162d0a 100644 --- a/include/versions.wmi +++ b/include/versions.wmi @@ -1,5 +1,5 @@ 0.2.6.10 -0.2.7.2-alpha +0.2.7.3-rc 0.2.6.10 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Add proposal for padding negotiation.
commit d159f9a820a2793f402de89782446e0833795267 Author: Mike PerryDate: Wed Sep 9 18:11:05 2015 -0700 Add proposal for padding negotiation. This is the version initially posted to tor-dev@lists. --- proposals/xxx-padding-negotiation.txt | 392 + 1 file changed, 392 insertions(+) diff --git a/proposals/xxx-padding-negotiation.txt b/proposals/xxx-padding-negotiation.txt new file mode 100644 index 000..66d8991 --- /dev/null +++ b/proposals/xxx-padding-negotiation.txt @@ -0,0 +1,392 @@ +Filename: xxx-padding-negotiation.txt +Title: Padding Negotiation +Authors: Mike Perry +Created: 01 September 2015 +Status: Draft + + +0. Overview + +This proposal aims to describe mechanisms for requesting various types +of padding from relays. + +These padding primitives are general enough to use to defend against +both website traffic fingerprinting as well as hidden service circuit +setup fingerprinting. + + +1. Motivation + +Tor already supports both link-level padding via (CELL_PADDING cell +types), as well as circuit-level padding (via RELAY_COMMAND_DROP relay +cells). + +Unfortunately, there is no way for clients to request padding from +relays, or request that relays not send them padding to conserve +bandwidth. This proposal aims to create a mechanism for clients to do +both of these. + + +2. Link-level padding + +Padding is most urgently needed to defend against a malicious or +compromised guard node. However, link-level padding is still useful to +defend against an adversary that can merely observe a Guard node +externally. Right now, the only case where link-level padding is known +to defend against any realistic attacker is for low-resolution +netflow-based attacks. + +In that scenario, the primary mechanism we need is a way for mobile +clients to tell their Guards to stop padding, or to pad less often. The +following Trunnel payloads should cover the needed parameters: + +const CELL_PADDING_COMMAND_STOP = 1; +const CELL_PADDING_COMMAND_START = 2; + +/* This command tells the relay to stop sending any periodic + CELL_PADDING cells. */ +struct cell_padding_stop { + u8 command IN [CELL_PADDING_COMMAND_STOP]; +}; + +/* This command tells the relay to alter its min and max timeout + range values, and if needed, send +struct cell_padding_start { + u8 command IN [CELL_PADDING_COMMAND_START]; + + /* Min must not be lower than the current consensus parameter + nf_ito_low. */ + u16 ito_low_ms; + + /* Max must not be lower than ito_low_ms */ + u16 ito_high_ms; +}; + +If more scenarios are discovered, future command numbers could be used +to include the end-to-end padding command payloads below, or other +defense parameterizations. + + +3. End-to-end circuit padding + +For end-to-end padding, we need two types of additional features: the +ability to schedule additional incoming cells at one or more fixed +points in the future, and the ability to schedule a statistical +distribution of arbitrary padding to overlay on top of non-padding +traffic (aka "Adaptive Padding"). + +In both cases, these messages will be sent from clients to middle nodes +using "leaky pipe" property of the 'recognized' field of RELAY cells, +allowing padding to originate from middle nodes on a circuit in a way +that is not detectable from the Guard node. + +3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE) + +The fixed schedule padding will be encoded in a +RELAY_COMMAND_PADDING_SCHEDULE cell. It specifies a set of up to 80 +fixed time points in the future to send cells. + +XXX: 80 timers is a lot to allow every client to create. We may want to +have something that checks this structure to ensure it actually +schedules no more than N in practice, until we figure out how to +optimize either libevent or timer scheduling/packet delivery. + +The RELAY_COMMAND_PADDING_SCHEDULE body is specified in Trunnel as +follows: + +struct relay_padding_schedule { + /* Number of microseconds before sending cells (cumulative) */ + u32 when_send[80]; + + /* Number of cells to send at time point sum(when_send[0..i]) */ + u16 num_cells[80]; + + /* Adaptivity: If 1, and server-originating cells arrive before the + next when_send time, then decrement the next non-zero when_send + index, so we don't send a padding cell then, too */ + u8 adaptive IN [0,1]; +}; + +To allow both high-resolution time values, and the ability to specify +timeout values far in the future, the time values are cumulative. In +other words, sending a cell with when_send = [MAX_INT, MAX_INT, MAX_INT, +0...] and num_cells = [0, 0, 100, 0...] would cause the relay to reply +with 100 cells in 3*MAX_INT microseconds from the receipt of this cell. + +3.2. Adaptive Padding message (RELAY_COMMAND_PADDING_ADAPTIVE) + +The following message is derived from the
[tor-commits] [torspec/master] Allow infinity transitions to be programmable.
commit ec84f2c788a1b08047fea854b2ed71d08eb94076 Author: Mike PerryDate: Fri Sep 11 18:37:32 2015 -0700 Allow infinity transitions to be programmable. Forgetting to specify the infinity transitions causes the state machine to just shut down. --- proposals/xxx-padding-negotiation.txt | 12 +--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/proposals/xxx-padding-negotiation.txt b/proposals/xxx-padding-negotiation.txt index 4202540..0292f22 100644 --- a/proposals/xxx-padding-negotiation.txt +++ b/proposals/xxx-padding-negotiation.txt @@ -174,6 +174,7 @@ specified in Trunnel as follows: const RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT = 2; const RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT = 4; const RELAY_PADDING_TRANSITION_EVENT_PADDING_RECV = 8; +const RELAY_PADDING_TRANSITION_EVENT_INFINITY = 16; /* This payload encodes a histogram delay distribution representing * the probability of sending a single RELAY_DROP cell after a @@ -273,7 +274,7 @@ This causes it to enter burst mode (state B), in which a delay t is sampled from the Burst histogram, and a timer is scheduled to count down until either another matching packet arrives, or t expires. If the "Infinity" time is sampled from this histogram, the machine returns to -the Start state. +the lowest state with the INFINITY event bit set. If a packet that matches machines[i].burst.transition_start_events arrives before t expires, the machine transitions back to the Start @@ -290,7 +291,8 @@ arrives (or is sent), the machine transitions to the Gap state G. In state G, the machine samples from the Gap histogram and sends padding messages when the time it samples expires. If an infinite delay is -sampled while being in state G we jump back to state B. +sampled while being in state G we jump back to state B or S, +depending upon the usage of the infinity event bitmask. If a packet arrives that matches gap.transition_start_events, the machine transitions back to the Start state. @@ -349,11 +351,15 @@ the relay state machines: machines[0].burst.transition_gap_events = RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT; + machines[0].burst.transition_start_events = +RELAY_PADDING_TRANSITION_EVENT_INFINITY; + machines[0].gap.transition_reschedule_events = RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT; machines[0].gap.transition_burst_events = -RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT; +RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT | +RELAY_PADDING_TRANSITION_EVENT_INFINITY; The rest of the transition fields would be 0. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Generalize state transition capability.
commit 9703c86274bdeac3e7dde5c571210660e782dc5d Author: Mike PerryDate: Fri Sep 11 15:12:24 2015 -0700 Generalize state transition capability. Also allow the histograms to be variable in size. --- proposals/xxx-padding-negotiation.txt | 261 - 1 file changed, 192 insertions(+), 69 deletions(-) diff --git a/proposals/xxx-padding-negotiation.txt b/proposals/xxx-padding-negotiation.txt index 66d8991..005045a 100644 --- a/proposals/xxx-padding-negotiation.txt +++ b/proposals/xxx-padding-negotiation.txt @@ -34,7 +34,7 @@ compromised guard node. However, link-level padding is still useful to defend against an adversary that can merely observe a Guard node externally. Right now, the only case where link-level padding is known to defend against any realistic attacker is for low-resolution -netflow-based attacks. +netflow-based attacks (see Proposal 251[1]). In that scenario, the primary mechanism we need is a way for mobile clients to tell their Guards to stop padding, or to pad less often. The @@ -50,7 +50,8 @@ following Trunnel payloads should cover the needed parameters: }; /* This command tells the relay to alter its min and max timeout - range values, and if needed, send + range values, and send padding at that rate (resuming if + stopped). */ struct cell_padding_start { u8 command IN [CELL_PADDING_COMMAND_START]; @@ -62,9 +63,10 @@ following Trunnel payloads should cover the needed parameters: u16 ito_high_ms; }; -If more scenarios are discovered, future command numbers could be used -to include the end-to-end padding command payloads below, or other -defense parameterizations. +More complicated forms of link padding can still be specified using +the primitives in Section 3, by using "leaky pipe" topology to send +the RELAY commands to the Guard node instead of to later nodes in the +circuit. 3. End-to-end circuit padding @@ -78,7 +80,8 @@ traffic (aka "Adaptive Padding"). In both cases, these messages will be sent from clients to middle nodes using "leaky pipe" property of the 'recognized' field of RELAY cells, allowing padding to originate from middle nodes on a circuit in a way -that is not detectable from the Guard node. +that is not detectable from the Guard node. This same mechanism can also +be used to request padding from the Guard node itself. 3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE) @@ -100,7 +103,7 @@ follows: /* Number of cells to send at time point sum(when_send[0..i]) */ u16 num_cells[80]; - + /* Adaptivity: If 1, and server-originating cells arrive before the next when_send time, then decrement the next non-zero when_send index, so we don't send a padding cell then, too */ @@ -112,11 +115,11 @@ timeout values far in the future, the time values are cumulative. In other words, sending a cell with when_send = [MAX_INT, MAX_INT, MAX_INT, 0...] and num_cells = [0, 0, 100, 0...] would cause the relay to reply with 100 cells in 3*MAX_INT microseconds from the receipt of this cell. - + 3.2. Adaptive Padding message (RELAY_COMMAND_PADDING_ADAPTIVE) -The following message is derived from the Adaptive Padding defense -specified in "Timing Attacks and Defenses"[1]. +The following message is a generalization of the Adaptive Padding +defense specified in "Timing Attacks and Defenses"[2]. The message encodes either one or two state machines, each of which contain two histograms ("Burst" and "Gap") governing their behavior. @@ -133,37 +136,57 @@ distribution. Both "Gap" and "Burst" histograms each have a special "Infinity" bin, which means "We have decided not to send a packet". -Each histograms is combined with state transition information, which +Each histogram is combined with state transition information, which allows a client to specify the types of incoming packets that cause the state machine to decide to schedule padding cells (and/or when to cease scheduling them). -The histograms and the associated state machines are specified in -Trunnel as follows: +Note that our generalization of the Adaptive Padding state machine +actually gives clients full control over the state transition events, +even allowing them to specify a single-state state machine if desired. +See Sections 3.2.1 and 3.2.2 for details. + +The histograms and the associated state machine packet layout is +specified in Trunnel as follows: /* These constants form a bitfield to specify the types of events * that can cause padding to start or stop from a given state. */ -const RELAY_PADDING_TRANSITION_EVENT_INFINITY_BIN = 0; // "Always set" const RELAY_PADDING_TRANSITION_EVENT_NONPADDING_RECV = 1; const RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT = 2; const RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT = 4; const
[tor-commits] [torspec/master] Note potential memory exhaustion DoS.
commit 2b0eb5172f7d3effae6d3aabb2e15efd36926b1d Author: Mike PerryDate: Fri Sep 11 17:09:28 2015 -0700 Note potential memory exhaustion DoS. Also clarify terminology and address some formatting issues. --- proposals/xxx-padding-negotiation.txt | 184 - 1 file changed, 113 insertions(+), 71 deletions(-) diff --git a/proposals/xxx-padding-negotiation.txt b/proposals/xxx-padding-negotiation.txt index 005045a..4202540 100644 --- a/proposals/xxx-padding-negotiation.txt +++ b/proposals/xxx-padding-negotiation.txt @@ -26,19 +26,23 @@ relays, or request that relays not send them padding to conserve bandwidth. This proposal aims to create a mechanism for clients to do both of these. +It also establishes consensus parameters to limit the amount of padding +that relays will send, to prevent custom wingnut clients from requesting +too much. + 2. Link-level padding -Padding is most urgently needed to defend against a malicious or +Padding is most useful if it can defend against a malicious or compromised guard node. However, link-level padding is still useful to defend against an adversary that can merely observe a Guard node -externally. Right now, the only case where link-level padding is known -to defend against any realistic attacker is for low-resolution -netflow-based attacks (see Proposal 251[1]). +externally, such as for low-resolution netflow-based attacks (see +Proposal 251[1]). -In that scenario, the primary mechanism we need is a way for mobile -clients to tell their Guards to stop padding, or to pad less often. The -following Trunnel payloads should cover the needed parameters: +In that scenario, the primary negotiation mechanism we need is a way for +mobile clients to tell their Guards to stop padding, or to pad less +often. The following Trunnel payloads should cover the needed +parameters: const CELL_PADDING_COMMAND_STOP = 1; const CELL_PADDING_COMMAND_START = 2; @@ -49,9 +53,9 @@ following Trunnel payloads should cover the needed parameters: u8 command IN [CELL_PADDING_COMMAND_STOP]; }; -/* This command tells the relay to alter its min and max timeout - range values, and send padding at that rate (resuming if - stopped). */ +/* This command tells the relay to alter its min and max netflow + timeout range values, and send padding at that rate (resuming + if stopped). */ struct cell_padding_start { u8 command IN [CELL_PADDING_COMMAND_START]; @@ -63,25 +67,28 @@ following Trunnel payloads should cover the needed parameters: u16 ito_high_ms; }; -More complicated forms of link padding can still be specified using -the primitives in Section 3, by using "leaky pipe" topology to send -the RELAY commands to the Guard node instead of to later nodes in the -circuit. +More complicated forms of link-level padding can still be specified +using the primitives in Section 3, by using "leaky pipe" topology to +send the RELAY commands to the Guard node instead of to later nodes in +the circuit. 3. End-to-end circuit padding -For end-to-end padding, we need two types of additional features: the +For circuit-level padding, we need two types of additional features: the ability to schedule additional incoming cells at one or more fixed points in the future, and the ability to schedule a statistical distribution of arbitrary padding to overlay on top of non-padding traffic (aka "Adaptive Padding"). In both cases, these messages will be sent from clients to middle nodes -using "leaky pipe" property of the 'recognized' field of RELAY cells, -allowing padding to originate from middle nodes on a circuit in a way -that is not detectable from the Guard node. This same mechanism can also -be used to request padding from the Guard node itself. +using the "leaky pipe" property of the 'recognized' field of RELAY +cells, allowing padding to originate from middle nodes on a circuit in a +way that is not detectable from the Guard node. + +This same mechanism can also be used to request padding from the Guard +node itself, to achieve link-level padding without the additional +overhead requirements on middle nodes. 3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE) @@ -92,7 +99,8 @@ fixed time points in the future to send cells. XXX: 80 timers is a lot to allow every client to create. We may want to have something that checks this structure to ensure it actually schedules no more than N in practice, until we figure out how to -optimize either libevent or timer scheduling/packet delivery. +optimize either libevent or timer scheduling/packet delivery. See also +Section 4.3. The RELAY_COMMAND_PADDING_SCHEDULE body is specified in Trunnel as follows: @@ -121,8 +129,9 @@ with 100 cells in 3*MAX_INT microseconds from the receipt of this cell. The following message is a generalization of the Adaptive Padding defense
[tor-commits] [torspec/master] Merge remote-tracking branch 'tpo-mikeperry/padding_negotiation-squashed'
commit 45407cd6ad108aeae9d11e2df6db902d0fbb20b1 Merge: 887d1c1 8ee79e0 Author: Isis LovecruftDate: Fri Sep 25 11:33:16 2015 + Merge remote-tracking branch 'tpo-mikeperry/padding_negotiation-squashed' proposals/xxx-padding-negotiation.txt | 628 + 1 file changed, 628 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Update proposal based on Teor's comments.
commit 69c95087851a09602034b6614a0cc0cfa53f03a9 Author: Mike PerryDate: Sun Sep 13 18:39:32 2015 -0700 Update proposal based on Teor's comments. Changes: * A zero machines.transition_burst_events means an immediate transition to the burst state. * Added RELAY_PADDING_TRANSITION_EVENT_BINS_EMPTY to allow a state transition when the bins become empty. * Change remove_tokens to allow client to specify removal direction for non-padding packets. * Make RELAY_COMMAND_PADDING_SCHEDULE take a variable number of scheduled times. * Increase and clarify rate limits. --- proposals/xxx-padding-negotiation.txt | 62 - 1 file changed, 45 insertions(+), 17 deletions(-) diff --git a/proposals/xxx-padding-negotiation.txt b/proposals/xxx-padding-negotiation.txt index 0292f22..b7d4e75 100644 --- a/proposals/xxx-padding-negotiation.txt +++ b/proposals/xxx-padding-negotiation.txt @@ -106,11 +106,13 @@ The RELAY_COMMAND_PADDING_SCHEDULE body is specified in Trunnel as follows: struct relay_padding_schedule { + u8 schedule_length IN [1..80]; + /* Number of microseconds before sending cells (cumulative) */ - u32 when_send[80]; + u32 when_send[schedule_length]; /* Number of cells to send at time point sum(when_send[0..i]) */ - u16 num_cells[80]; + u16 num_cells[schedule_length]; /* Adaptivity: If 1, and server-originating cells arrive before the next when_send time, then decrement the next non-zero when_send @@ -124,6 +126,10 @@ other words, sending a cell with when_send = [MAX_INT, MAX_INT, MAX_INT, 0...] and num_cells = [0, 0, 100, 0...] would cause the relay to reply with 100 cells in 3*MAX_INT microseconds from the receipt of this cell. +This scheduled padding is non-periodic. For any forms of periodic +padding, implementations should use the RELAY_COMMAND_PADDING_ADAPTIVE +cell from Section 3.2 instead. + 3.2. Adaptive Padding message (RELAY_COMMAND_PADDING_ADAPTIVE) The following message is a generalization of the Adaptive Padding @@ -175,6 +181,13 @@ specified in Trunnel as follows: const RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT = 4; const RELAY_PADDING_TRANSITION_EVENT_PADDING_RECV = 8; const RELAY_PADDING_TRANSITION_EVENT_INFINITY = 16; +const RELAY_PADDING_TRANSITION_EVENT_BINS_EMPTY = 32; + +/* Token Removal rules. Enum, not bitfield. */ +const RELAY_PADDING_REMOVE_NO_TOKENS = 0; +const RELAY_PADDING_REMOVE_LOWER_TOKENS = 1; +const RELAY_PADDING_REMOVE_HIGHER_TOKENS = 2; +const RELAY_PADDING_REMOVE_CLOSEST_TOKENS = 3; /* This payload encodes a histogram delay distribution representing * the probability of sending a single RELAY_DROP cell after a @@ -205,7 +218,7 @@ specified in Trunnel as follows: /* If true, remove tokens from the histogram upon padding and * non-padding activity. */ - u8 remove_toks IN [0,1]; + u8 remove_tokens IN [0..3]; }; /* This histogram encodes a delay distribution representing the @@ -237,7 +250,7 @@ specified in Trunnel as follows: /* If true, remove tokens from the histogram upon padding and non-padding activity. */ - u8 remove_toks IN [0,1]; + u8 remove_tokens IN [0..3]; }; struct adaptive_padding_machine { @@ -253,6 +266,9 @@ specified in Trunnel as follows: /* This is the full payload of a RELAY_COMMAND_PADDING_ADAPTIVE * cell. */ struct relay_command_padding_adaptive { + /* Technically, we could allow more than 2 state machines here, + but only two are sure to fit. More than 2 seems excessive + anyway. */ u8 num_machines IN [1,2]; struct adaptive_padding_machine machines[num_machines]; @@ -268,7 +284,9 @@ Each state machine has a Start state S, a Burst state B, and a Gap state G. The state machine starts idle (state S) until it receives a packet of a -type that matches the bitmask in machines[i].transition_burst_events. +type that matches the bitmask in machines[i].transition_burst_events. If +machines[i].transition_burst_events is 0, transition to the burst state +happens immediately. This causes it to enter burst mode (state B), in which a delay t is sampled from the Burst histogram, and a timer is scheduled to count down @@ -382,7 +400,7 @@ n = histogram_len-1 INFINITY_BIN = n a[0] = start_usec; -b[0] = start_usec + max_sec*USEC_PER_SEC/2^(n); +b[0] = start_usec + max_sec*USEC_PER_SEC/2^(n-1); for(i=1; i < n; i++) { a[i] = start_usec + max_sec*USEC_PER_SEC/2^(n-i) b[i] = start_usec + max_sec*USEC_PER_SEC/2^(n-i-1) @@ -416,18 +434,25 @@ accuracy to larger timescales (where accuracy is not as important). 3.2.4. Token removal and refill -If the remove_tok field is set to true for a given state's histogram, -then whenever a padding packet is sent, the
[tor-commits] [torspec/master] Add overhead accounting information.
commit 8ee79e004dd83830446002a7fb0b1689c90130cb Author: Mike PerryDate: Sun Sep 13 19:32:39 2015 -0700 Add overhead accounting information. Also fix a typo pointed out by Marc Juarez, and perform some other misc cleanups. --- proposals/xxx-padding-negotiation.txt | 49 + 1 file changed, 43 insertions(+), 6 deletions(-) diff --git a/proposals/xxx-padding-negotiation.txt b/proposals/xxx-padding-negotiation.txt index b7d4e75..a42bd6c 100644 --- a/proposals/xxx-padding-negotiation.txt +++ b/proposals/xxx-padding-negotiation.txt @@ -192,6 +192,8 @@ specified in Trunnel as follows: /* This payload encodes a histogram delay distribution representing * the probability of sending a single RELAY_DROP cell after a * given delay in response to a non-padding cell. + * + * Payload max size: 113 bytes */ struct burst_state { u8 histogram_len IN [2..51]; @@ -224,6 +226,8 @@ specified in Trunnel as follows: /* This histogram encodes a delay distribution representing the * probability of sending a single additional padding packet after * sending a padding packet that originated at this hop. + * + * Payload max size: 113 bytes */ struct gap_state { u8 histogram_len IN [2..51]; @@ -253,6 +257,7 @@ specified in Trunnel as follows: u8 remove_tokens IN [0..3]; }; +/* Payload max size: 227 bytes */ struct adaptive_padding_machine { /* This is a bitfield which specifies which direction and types * of traffic should cause us to transition to the burst @@ -264,7 +269,10 @@ specified in Trunnel as follows: }; /* This is the full payload of a RELAY_COMMAND_PADDING_ADAPTIVE - * cell. */ + * cell. + * + * Payload max size: 455 bytes + */ struct relay_command_padding_adaptive { /* Technically, we could allow more than 2 state machines here, but only two are sure to fit. More than 2 seems excessive @@ -346,7 +354,7 @@ histograms that the client uses locally will differ from the ones it sends to the upstream relay. On the client, the "SENT" direction means packets destined towards the -upstream, where as "RECV" means packets destined towards the client. +relay, where as "RECV" means packets destined towards the client. However, on the relay, the "SENT" direction means packets destined towards the client, where as "RECV" means packets destined towards the relay. @@ -489,7 +497,7 @@ possible. The risks from this proposal are primarily DoS/resource exhaustion, and side channels. -4.1. Rate limiting +4.1. Rate limiting and accounting Fully client-requested padding introduces a vector for resource amplification attacks and general network overload due to @@ -523,9 +531,38 @@ padding requests should be ignored: XXX: Should we cap padding at these rates, or fully disable it once they're crossed? Probably cap? -Proposal 251 introduced extra-info accounting at relays to enable us to -measure the total overhead of both link and circuit-level padding at -various relays. +In order to monitor the quantity of padding to decide if we should alter +these limits in the consensus, every node will publish the following +values in a padding-counts line in its extra-info descriptor: + + * write-drop-multihop + - The number of RELAY_DROP cells sent by this relay to a next hop + that is listed in the consensus. + * write-drop-onehop + - The number of RELAY_DROP cells sent by this relay to a next hop + that is not listed in the consensus. + * write-pad + - The number of CELL_PADDING cells sent by this relay. + * write-total + - The total number of cells sent by this relay. + * read-drop-multihop + - The number of RELAY_DROP cells read by this relay from a hop + that is listed in the consensus. + * read-drop-onehop + - The number of RELAY_DROP cells read by this relay from a hop + that is not listed in the consensus. + * read-pad + - The number of CELL_PADDING cells read by this relay. + * read-total + - The total number of cells read by this relay. + +Each of these counters will be rounded to the nearest 10,000 cells. This +rounding parameter will also be listed in the extra-info descriptor line, in +case we change it in a later release. + +In the future, we may decide to introduce Laplace Noise in a similar +manner to the hidden service statistics, to further obscure padding +quantities. 4.2. Malicious state machines ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [metrics-db/master] Fix broken link.
commit c40222ae5ca3a3ec04761f52e303fa18596183fa Author: Karsten LoesingDate: Fri Sep 25 21:19:11 2015 +0200 Fix broken link. --- web/formats.html |7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/web/formats.html b/web/formats.html index 3d6c2ba..19ac177 100644 --- a/web/formats.html +++ b/web/formats.html @@ -567,11 +567,12 @@ measurement; optional. -The files in recent +The files in recent accumulate all new Torperf measurements of a given day, which means that they may change throughout the day. -This is different from all other files in the recent -directory which do not change once they are written. +This is different from some of the other files in the +recent directory which do not change once they are +written. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-ircproperties] Update translations for tor-messenger-ircproperties
commit ba030347219d92da5782694889f7bf8ec29fef23 Author: Translation commit botDate: Fri Sep 25 06:46:38 2015 + Update translations for tor-messenger-ircproperties --- id/irc.properties | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/id/irc.properties b/id/irc.properties index cfbd862..52eae2e 100644 --- a/id/irc.properties +++ b/id/irc.properties @@ -47,13 +47,13 @@ ctcp.time=Waktu untuk %1$S adalah %2$S. # These are the help messages for each command, the %S is the command name # Each command first gives the parameter it accepts and then a description of # the command. -command.action=%S action to perform: Perform an action. -command.ctcp=%S nick msg: Sends a CTCP message to the nick. -command.chanserv=%S command: Send a command to ChanServ. -command.deop=%S nick1[,nick2]*: Remove channel operator status from someone. You must be a channel operator to do this. -command.devoice=%S nick1[,nick2]*: Remove channel voice status from someone, preventing them from speaking if the channel is moderated (+m). You must be a channel operator to do this. -command.invite2=%S nick[ nick]* [channel]: Invite one or more nicks to join you in the current channel, or to join the specified channel. -command.join=%S room1[ key1][,room2[ key2]]*: Enter one or more channels, optionally providing a channel key for each if needed. +command.action=%S action to perform: melakukan tindakan +command.ctcp=%S nick msg: mengirim CTCP ke nama samaran. +command.chanserv=%S command: mengirim perintah ke ChanSrv. +command.deop=%S nick1[,nick2]*: Membuang status operator kanal seseorang. Anda harus menjadi operator kanal untuk melakukan hal ini. +command.devoice=%S nick1[,nick2]*: Membuang status kanal suara seseorang, mencegahnya berbicara jika kanal dimoderasi (+m). Anda harus menjadi operator kanal untuk melakukan hal ini. +command.invite2=%S nick[ nick]* [channel]: mengundang satu atau lebih nama samaran untuk bergabung denganmu di kanal ini, atau bergabung dengan kanal tertentu. +command.join=%S room1[ key1][,room2[ key2]]*: Memasukan satu atau lebih kanal, optional menyediakan kunci kanal masing-masing jika dibutuhkan. command.kick=%S nick [message]: Remove someone from a channel. You must be a channel operator to do this. command.list=%S: Display a list of chat rooms on the network. Warning, some servers may disconnect you upon doing this. command.memoserv=%S command: Send a command to MemoServ. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-ircproperties] Update translations for tor-messenger-ircproperties
commit d65e1d06eedb7132ad7795f541ab9780f4fe Author: Translation commit botDate: Fri Sep 25 07:16:27 2015 + Update translations for tor-messenger-ircproperties --- id/irc.properties | 42 +- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/id/irc.properties b/id/irc.properties index 52eae2e..4fc394a 100644 --- a/id/irc.properties +++ b/id/irc.properties @@ -54,27 +54,27 @@ command.deop=%S nick1[,nick2]*: Membuang status operator kanal s command.devoice=%S nick1[,nick2]*: Membuang status kanal suara seseorang, mencegahnya berbicara jika kanal dimoderasi (+m). Anda harus menjadi operator kanal untuk melakukan hal ini. command.invite2=%S nick[ nick]* [channel]: mengundang satu atau lebih nama samaran untuk bergabung denganmu di kanal ini, atau bergabung dengan kanal tertentu. command.join=%S room1[ key1][,room2[ key2]]*: Memasukan satu atau lebih kanal, optional menyediakan kunci kanal masing-masing jika dibutuhkan. -command.kick=%S nick [message]: Remove someone from a channel. You must be a channel operator to do this. -command.list=%S: Display a list of chat rooms on the network. Warning, some servers may disconnect you upon doing this. -command.memoserv=%S command: Send a command to MemoServ. -command.modeUser=%S (+|-)new mode [nick]: Set or unset a user's mode. -command.modeChannel=%S channel[ (+|-)new mode [parameter][,parameter]*]: Get, set or unset a channel mode. -command.msg=%S nick message: Send a private message to a user (as opposed to a channel). -command.nick=%S new nickname: Change your nickname. -command.nickserv=%S command: Send a command to NickServ. -command.notice=%S target message: Send a notice to a user or channel. -command.op=%S nick1[,nick2]*: Grant channel operator status to someone. You must be a channel operator to do this. -command.operserv=%S command: Send a command to OperServ. -command.part=%S [message]: Leave the current channel with an optional message. -command.ping=%S [nick]: Asks how much lag a user (or the server if no user specified) has. -command.quit=%S message: Disconnect from the server, with an optional message. -command.quote=%S command: Send a raw command to the server. -command.time=%S: Displays the current local time at the IRC server. -command.topic=%S [new topic]: Set this channel's topic. -command.umode=%S (+|-)new mode: Set or unset a user mode. -command.version=%S nick: Request the version of a user's client. -command.voice=%S nick1[,nick2]*: Grant channel voice status to someone. You must be a channel operator to do this. -command.whois2=%S [nick]: Mendapat informasi ke seorang pengguna. +command.kick=%S nick [message]: Menghapus seseorang dari kanal. Anda harus menjadi operator kanal untuk melakukan hal ini. +command.list=%S: Menampilkan daftar ruang ngobrol di jaringan. Awas, beberapa server mungkin memutus koneksimu jika melakukan hal ini. +command.memoserv=%S command: mengirim perintah ke MemoServ. +command.modeUser=%S (+|-)new mode [nick]: membuat atau merubah moda pemakai. +command.modeChannel=%S channel[ (+|-)new mode [parameter][,parameter]*]: Mengambil, menyusun atau merombak moda kanal. +command.msg=%S nick message: Mengirim pesan pribadi kepada pengguna (sebagai kebalikan dari pesan ke kanal) +command.nick=%S new nickname: Merubah nama samaran. +command.nickserv=%S command: Mengirim perintah ke NickServ. +command.notice=%S target message: Mengirim pemberitahuan ke pengguna atau kanal. +command.op=%S nick1[,nick2]*: Memberi status operator kanal pada seseorang. Anda harus menjadi operator kanal agar bisa melakukan hal ini. +command.operserv=%S command: mengirim satu perintah ke OperServ. +command.part=%S [message]: Meninggalkan kanal ini dengan pesan pilihan. +command.ping=%S [nick]: Menanyakan berapa banyak pengguna (atau server jika tidak ada pengguna) yang tertinggal, +command.quit=%S message: Memutus koneksi server, dengan pilihan pesan. +command.quote=%S command: Mengirim pesan belum terolah ke server. +command.time=%S: Menampilkan waktu setempat saat ini di server IRC. +command.topic=%S [new topic]: Membuat judul kanal. +command.umode=%S (+|-)new mode: membuat atau merubah moda pengguna. +command.version=%S nick: Meminta versi klien pengguna. +command.voice=%S nick1[,nick2]*: Memberi status kanal suara pada seseorang. Anda harus menjadi operator kanal untuk dapat melakukan hal ini. +command.whois2=%S [nick]: Meminta informasi pengguna. # LOCALIZATION NOTE (message.*): #These are shown as system messages in the conversation. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-ircproperties_completed] Update translations for tor-messenger-ircproperties_completed
commit 5f8a59696807c1cb76547374f491d938c443cc61 Author: Translation commit botDate: Fri Sep 25 07:16:31 2015 + Update translations for tor-messenger-ircproperties_completed --- id/irc.properties | 205 + 1 file changed, 205 insertions(+) diff --git a/id/irc.properties b/id/irc.properties new file mode 100644 index 000..4fc394a --- /dev/null +++ b/id/irc.properties @@ -0,0 +1,205 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# LOCALIZATION NOTE (irc.usernameHint): +# This is displayed inside the accountUsernameInfoWithDescription +# string defined in imAccounts.properties when the user is +# configuring an IRC account. +irc.usernameHint=nick + +# LOCALIZATION NOTE (connection.error.*): +# These will show in the account manager if the account is +# disconnected because of an error. +connection.error.lost=Sambungan dengan server terputus +connection.error.timeOut=Sambungan melewati batas waktu +connection.error.invalidUsername=%S bukan nama pengguna yang diizinkan +connection.error.invalidPassword=Sandi server tidak valid +connection.error.passwordRequired=Membutuhkan sandi + +# LOCALIZATION NOTE (joinChat.*): +# These show up on the join chat menu. An underscore is for the access key. +joinChat.channel=Sa_luran +joinChat.password=_Sandi + +# LOCALIZATION NOTE (options.*): +# These are the protocol specific options shown in the account manager and +# account wizard windows. +options.server=Server +options.port=Port +options.ssl=Gunakan SSL +options.encoding=Set Karakter +options.quitMessage=Pesan keluar +options.partMessage=Bagian pesan +options.showServerTab=Tampilkan pesan dari server +options.alternateNicks=Nick alternatif + +# LOCALIZATION NOTE (ctcp.version): +# %1$S is the nickname of the user whose version was requested. +# %2$S is the version response from the client. +ctcp.version=%1$S menggunakan "%2$S". +# LOCALIZATION NOTE (ctcp.time): +# %1$S is the nickname of the user whose time was requested. +# %2$S is the time response. +ctcp.time=Waktu untuk %1$S adalah %2$S. + +# LOCALZIATION NOTE (command.*): +# These are the help messages for each command, the %S is the command name +# Each command first gives the parameter it accepts and then a description of +# the command. +command.action=%S action to perform: melakukan tindakan +command.ctcp=%S nick msg: mengirim CTCP ke nama samaran. +command.chanserv=%S command: mengirim perintah ke ChanSrv. +command.deop=%S nick1[,nick2]*: Membuang status operator kanal seseorang. Anda harus menjadi operator kanal untuk melakukan hal ini. +command.devoice=%S nick1[,nick2]*: Membuang status kanal suara seseorang, mencegahnya berbicara jika kanal dimoderasi (+m). Anda harus menjadi operator kanal untuk melakukan hal ini. +command.invite2=%S nick[ nick]* [channel]: mengundang satu atau lebih nama samaran untuk bergabung denganmu di kanal ini, atau bergabung dengan kanal tertentu. +command.join=%S room1[ key1][,room2[ key2]]*: Memasukan satu atau lebih kanal, optional menyediakan kunci kanal masing-masing jika dibutuhkan. +command.kick=%S nick [message]: Menghapus seseorang dari kanal. Anda harus menjadi operator kanal untuk melakukan hal ini. +command.list=%S: Menampilkan daftar ruang ngobrol di jaringan. Awas, beberapa server mungkin memutus koneksimu jika melakukan hal ini. +command.memoserv=%S command: mengirim perintah ke MemoServ. +command.modeUser=%S (+|-)new mode [nick]: membuat atau merubah moda pemakai. +command.modeChannel=%S channel[ (+|-)new mode [parameter][,parameter]*]: Mengambil, menyusun atau merombak moda kanal. +command.msg=%S nick message: Mengirim pesan pribadi kepada pengguna (sebagai kebalikan dari pesan ke kanal) +command.nick=%S new nickname: Merubah nama samaran. +command.nickserv=%S command: Mengirim perintah ke NickServ. +command.notice=%S target message: Mengirim pemberitahuan ke pengguna atau kanal. +command.op=%S nick1[,nick2]*: Memberi status operator kanal pada seseorang. Anda harus menjadi operator kanal agar bisa melakukan hal ini. +command.operserv=%S command: mengirim satu perintah ke OperServ. +command.part=%S [message]: Meninggalkan kanal ini dengan pesan pilihan. +command.ping=%S [nick]: Menanyakan berapa banyak pengguna (atau server jika tidak ada pengguna) yang tertinggal, +command.quit=%S message: Memutus koneksi server, dengan pilihan pesan. +command.quote=%S command: Mengirim pesan belum terolah ke server. +command.time=%S: Menampilkan waktu setempat saat ini di server IRC. +command.topic=%S [new topic]: Membuat judul kanal. +command.umode=%S (+|-)new mode: membuat atau merubah moda pengguna. +command.version=%S nick: Meminta versi klien pengguna. +command.voice=%S nick1[,nick2]*: Memberi status kanal suara pada
[tor-commits] [torspec/master] Add mikeperry's padding negotiation proposal and give it a number.
commit 91e207e91d0375273004ecf16364c073e3e82043 Author: Isis LovecruftDate: Fri Sep 25 11:40:28 2015 + Add mikeperry's padding negotiation proposal and give it a number. --- proposals/000-index.txt |2 + proposals/254-padding-negotiation.txt | 628 + proposals/proposal-status.txt |6 + proposals/xxx-padding-negotiation.txt | 628 - 4 files changed, 636 insertions(+), 628 deletions(-) diff --git a/proposals/000-index.txt b/proposals/000-index.txt index 0460e87..c1f42e2 100644 --- a/proposals/000-index.txt +++ b/proposals/000-index.txt @@ -174,6 +174,7 @@ Proposals by number: 251 Padding for netflow record resolution reduction [DRAFT] 252 Single Onion Services [DRAFT] 253 Out of Band Circuit HMACs [DRAFT] +254 Padding Negotiation [DRAFT] Proposals by status: @@ -195,6 +196,7 @@ Proposals by status: 251 Padding for netflow record resolution reduction 252 Single Onion Services 253 Out of Band Circuit HMACs + 254 Padding Negotiation NEEDS-REVISION: 190 Bridge Client Authorization Based on a Shared Secret OPEN: diff --git a/proposals/254-padding-negotiation.txt b/proposals/254-padding-negotiation.txt new file mode 100644 index 000..e4da004 --- /dev/null +++ b/proposals/254-padding-negotiation.txt @@ -0,0 +1,628 @@ +Filename: 254-padding-negotiation.txt +Title: Padding Negotiation +Authors: Mike Perry +Created: 01 September 2015 +Status: Draft + + +0. Overview + +This proposal aims to describe mechanisms for requesting various types +of padding from relays. + +These padding primitives are general enough to use to defend against +both website traffic fingerprinting as well as hidden service circuit +setup fingerprinting. + + +1. Motivation + +Tor already supports both link-level padding via (CELL_PADDING cell +types), as well as circuit-level padding (via RELAY_COMMAND_DROP relay +cells). + +Unfortunately, there is no way for clients to request padding from +relays, or request that relays not send them padding to conserve +bandwidth. This proposal aims to create a mechanism for clients to do +both of these. + +It also establishes consensus parameters to limit the amount of padding +that relays will send, to prevent custom wingnut clients from requesting +too much. + + +2. Link-level padding + +Padding is most useful if it can defend against a malicious or +compromised guard node. However, link-level padding is still useful to +defend against an adversary that can merely observe a Guard node +externally, such as for low-resolution netflow-based attacks (see +Proposal 251[1]). + +In that scenario, the primary negotiation mechanism we need is a way for +mobile clients to tell their Guards to stop padding, or to pad less +often. The following Trunnel payloads should cover the needed +parameters: + +const CELL_PADDING_COMMAND_STOP = 1; +const CELL_PADDING_COMMAND_START = 2; + +/* This command tells the relay to stop sending any periodic + CELL_PADDING cells. */ +struct cell_padding_stop { + u8 command IN [CELL_PADDING_COMMAND_STOP]; +}; + +/* This command tells the relay to alter its min and max netflow + timeout range values, and send padding at that rate (resuming + if stopped). */ +struct cell_padding_start { + u8 command IN [CELL_PADDING_COMMAND_START]; + + /* Min must not be lower than the current consensus parameter + nf_ito_low. */ + u16 ito_low_ms; + + /* Max must not be lower than ito_low_ms */ + u16 ito_high_ms; +}; + +More complicated forms of link-level padding can still be specified +using the primitives in Section 3, by using "leaky pipe" topology to +send the RELAY commands to the Guard node instead of to later nodes in +the circuit. + + +3. End-to-end circuit padding + +For circuit-level padding, we need two types of additional features: the +ability to schedule additional incoming cells at one or more fixed +points in the future, and the ability to schedule a statistical +distribution of arbitrary padding to overlay on top of non-padding +traffic (aka "Adaptive Padding"). + +In both cases, these messages will be sent from clients to middle nodes +using the "leaky pipe" property of the 'recognized' field of RELAY +cells, allowing padding to originate from middle nodes on a circuit in a +way that is not detectable from the Guard node. + +This same mechanism can also be used to request padding from the Guard +node itself, to achieve link-level padding without the additional +overhead requirements on middle nodes. + +3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE) + +The fixed schedule padding will be encoded in a +RELAY_COMMAND_PADDING_SCHEDULE cell. It specifies a set of up to 80 +fixed time points in the future to send cells. + +XXX: 80 timers is a lot to allow every client to create. We may want to +have something that
[tor-commits] [translation/tor-messenger-authproperties] Update translations for tor-messenger-authproperties
commit 025af4d70b8793c78c2a8bb4098f51e0d9097107 Author: Translation commit botDate: Fri Sep 25 12:16:17 2015 + Update translations for tor-messenger-authproperties --- sq/auth.properties |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sq/auth.properties b/sq/auth.properties index bab9878..1d65fcb 100644 --- a/sq/auth.properties +++ b/sq/auth.properties @@ -1,4 +1,4 @@ -auth.title=Verifikoni identitetin e %S's +auth.title=Verifikoni identitetin e %S. auth.yourFingerprint=Gjurmë gishti për ju, %S:\n%S auth.theirFingerprint=Gjurma e gishtit e pandehur për %S:\n%S auth.help=Verifikimi i identitetit të një kontakti ndihmon për t'u siguruar se personi me të cilin po flisni është ai që pretendon se është. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_completed] Update translations for tails-misc_completed
commit 8893819428edb8035541f5d1bfec9544db4d5dfc Author: Translation commit botDate: Fri Sep 25 12:15:45 2015 + Update translations for tails-misc_completed --- sq.po |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sq.po b/sq.po index f53c300..7b67a26 100644 --- a/sq.po +++ b/sq.po @@ -9,7 +9,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-09-20 19:32+0200\n" -"PO-Revision-Date: 2015-09-24 19:36+\n" +"PO-Revision-Date: 2015-09-25 11:52+\n" "Last-Translator: Bujar Tafili\n" "Language-Team: Albanian (http://www.transifex.com/otf/torproject/language/sq/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] Update translations for tails-misc
commit 7361e36775c7c07981d207ea682ace6f9e7b888d Author: Translation commit botDate: Fri Sep 25 12:15:41 2015 + Update translations for tails-misc --- sq.po |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sq.po b/sq.po index f53c300..7b67a26 100644 --- a/sq.po +++ b/sq.po @@ -9,7 +9,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-09-20 19:32+0200\n" -"PO-Revision-Date: 2015-09-24 19:36+\n" +"PO-Revision-Date: 2015-09-25 11:52+\n" "Last-Translator: Bujar Tafili\n" "Language-Team: Albanian (http://www.transifex.com/otf/torproject/language/sq/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] A day has passed.
commit 9a4cac74fd2f4bb300830e06ff56f74ccf91e373 Author: Nick MathewsonDate: Fri Sep 25 09:06:41 2015 -0400 A day has passed. --- ChangeLog |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 67de1b8..25c7442 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -Changes in version 0.2.7.3-rc - 2015-09-24 +Changes in version 0.2.7.3-rc - 2015-09-25 Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It contains numerous usability fixes for Ed25519 keys, safeguards against several misconfiguration problems, significant simplifications to ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-prefsdtd_completed] Update translations for tor-messenger-prefsdtd_completed
commit 56efc45954c38297a42da7ba93d59f644f0532dc Author: Translation commit botDate: Fri Sep 25 12:16:58 2015 + Update translations for tor-messenger-prefsdtd_completed --- sq/prefs.dtd | 13 + 1 file changed, 13 insertions(+) diff --git a/sq/prefs.dtd b/sq/prefs.dtd new file mode 100644 index 000..bf578f0 --- /dev/null +++ b/sq/prefs.dtd @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-prefsdtd] Update translations for tor-messenger-prefsdtd
commit c384c2ebd4593eff807750de905a31ee21b83c08 Author: Translation commit botDate: Fri Sep 25 12:16:50 2015 + Update translations for tor-messenger-prefsdtd --- sq/prefs.dtd | 20 ++-- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/sq/prefs.dtd b/sq/prefs.dtd index a645600..bf578f0 100644 --- a/sq/prefs.dtd +++ b/sq/prefs.dtd @@ -1,13 +1,13 @@ - - + + - - - + + + - - - - - \ No newline at end of file + + + + + \ No newline at end of file ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-authproperties_completed] Update translations for tor-messenger-authproperties_completed
commit 6dd0818bf2fe4fc01a8bc9d878c55c349969b87d Author: Translation commit botDate: Fri Sep 25 12:16:22 2015 + Update translations for tor-messenger-authproperties_completed --- sq/auth.properties |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sq/auth.properties b/sq/auth.properties index bab9878..1d65fcb 100644 --- a/sq/auth.properties +++ b/sq/auth.properties @@ -1,4 +1,4 @@ -auth.title=Verifikoni identitetin e %S's +auth.title=Verifikoni identitetin e %S. auth.yourFingerprint=Gjurmë gishti për ju, %S:\n%S auth.theirFingerprint=Gjurma e gishtit e pandehur për %S:\n%S auth.help=Verifikimi i identitetit të një kontakti ndihmon për t'u siguruar se personi me të cilin po flisni është ai që pretendon se është. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-otrproperties_completed] Update translations for tor-messenger-otrproperties_completed
commit aa5dcb6e568b61ac0f71615dbb88da1ffe204536 Author: Translation commit botDate: Fri Sep 25 12:16:44 2015 + Update translations for tor-messenger-otrproperties_completed --- sq/otr.properties | 31 +++ 1 file changed, 31 insertions(+) diff --git a/sq/otr.properties b/sq/otr.properties new file mode 100644 index 000..ada3ed7 --- /dev/null +++ b/sq/otr.properties @@ -0,0 +1,31 @@ +msgevent.encryption_required_part1=Ju u orvatët të dërgoni një mesazh të pashifruar tek %S. Politika është që mesazhet e pashifruara të mos lejohen. +msgevent.encryption_required_part2=Duke u përpjekur që të nisim një bisedë private. Mesazhi juaj do të transmetohet kur të nisi biseda private. +msgevent.encryption_error=U has një gabim gjatë shifrimit të mesazhit tuaj. Mesazhi nuk u dërgua. +msgevent.connection_ended=%S tashmë e ka mbyllur lidhjen e vet private për ju. Mesazhi juaj nuk u dërgua. Përkundër, jepini fund bisedës tuaj private ose riniseni atë. +msgevent.setup_error=U has një gabim gjatë vendosjes së një bisede private me %S. +msgevent.msg_reflected=Ju po merrni mesazhi tuaj OTR. Ose po mundoheni të flisni me vetveten, ose dikush po i kthen mbrapsht mesazhet tuaja tek ju. +msgevent.msg_resent=Mesazhi i fundit tek %S është dërguar. +msgevent.rcvdmsg_not_private=Mesazhi i shifruar i marrë nga %S është i palexueshëm, përderisa nuk po komunikoni privatisht. +msgevent.rcvdmsg_unreadable=Morëm një mesazh të shifruar të palexueshëm nga %S. +msgevent.rcvdmsg_malformed=Morëm një mesazh të dhënash të keqformuar %S. +msgevent.log_heartbeat_rcvd=Pulsim i marrë nga %S. +msgevent.log_heartbeat_sent=Pulsim i dërguar tek %S. +msgevent.rcvdmsg_general_err=U has një gabim OTR. +msgevent.rcvdmsg_unecrypted=Morëm një mesazh të pashifruar nga %S. +msgevent.rcvdmsg_unrecognized=Morëm një mesazh OTR të paidentifikueshëm nga %S. +msgevent.rcvdmsg_for_other_instance=%S ka dërguar një mesazh të menduar për një sesion të ndryshëm. nëse keni hyrë disa herë, mesazhin mund ta ketë marrë një sesion tjetër. +context.gone_secure_private=Biseda private me %S ka nisur. +context.gone_secure_unverified=Biseda private me %S ka nisur. Megjithatë, identiteti i tij nuk është verifikuar. +context.still_secure=Biseda private me %S u rifreskua me sukses. +error.enc=U has një gabim me shifrimin e mesazhit. +error.not_priv=Ju dërguat të dhëna të shifruara tek %S, që nuk i priste ato. +error.unreadable=Ju transmetuat një mesazh të shifruar të palexueshëm. +error.malformed=Ju transmetuat një mesazh të dhënash të keqformuar. +resent=[i ridërguar] +tlv.disconnected=%S e ka përfunduar bisedën e vet private me ju; duhet të bëni të njëjtën gjë. +query.msg=%S ka kërkuar një bisedë private Jashtë Regjistrimit. Sidoqoftë, ju nuk dispononi një plugin që ta bëni këtë. Shihni http://otr.cypherpunks.ca/ për më shumë informacion. +trust.unused=E papërdorur +trust.not_private=Joprivate +trust.unverified=E paverifikuar +trust.private=Private +trust.finished=E përfunduar ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-otrproperties] Update translations for tor-messenger-otrproperties
commit 1e0d05e4d9393cabf825011b3307890c6d5155c9 Author: Translation commit botDate: Fri Sep 25 12:16:40 2015 + Update translations for tor-messenger-otrproperties --- sq/otr.properties | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/sq/otr.properties b/sq/otr.properties index 8216e88..ada3ed7 100644 --- a/sq/otr.properties +++ b/sq/otr.properties @@ -22,10 +22,10 @@ error.not_priv=Ju dërguat të dhëna të shifruara tek %S, që nuk i priste ato error.unreadable=Ju transmetuat një mesazh të shifruar të palexueshëm. error.malformed=Ju transmetuat një mesazh të dhënash të keqformuar. resent=[i ridërguar] -tlv.disconnected=%S has ended their private conversation with you; you should do the same. -query.msg=%S has requested an Off-the Record private conversation. However, you do not have a plugin to support that. See http://otr.cypherpunks.ca/ for more information. -trust.unused=Unused -trust.not_private=Not Private -trust.unverified=Unverified +tlv.disconnected=%S e ka përfunduar bisedën e vet private me ju; duhet të bëni të njëjtën gjë. +query.msg=%S ka kërkuar një bisedë private Jashtë Regjistrimit. Sidoqoftë, ju nuk dispononi një plugin që ta bëni këtë. Shihni http://otr.cypherpunks.ca/ për më shumë informacion. +trust.unused=E papërdorur +trust.not_private=Joprivate +trust.unverified=E paverifikuar trust.private=Private -trust.finished=Finished +trust.finished=E përfunduar ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Bump to 0.2.7.3-rc-dev
commit 4ce9b8f1ec352f1167ac23d2750795986fb2ba11 Author: Nick MathewsonDate: Fri Sep 25 09:26:35 2015 -0400 Bump to 0.2.7.3-rc-dev --- configure.ac|2 +- contrib/win32build/tor-mingw.nsi.in |2 +- src/win32/orconfig.h|2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 798de27..b190522 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information -AC_INIT([tor],[0.2.7.3-rc]) +AC_INIT([tor],[0.2.7.3-rc-dev]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 314522f..5c5b35b 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.7.3-rc" +!define VERSION "0.2.7.3-rc-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index e69ebeb..61677fe 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -232,7 +232,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.7.3-rc" +#define VERSION "0.2.7.3-rc-dev" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Bump master to 0.2.8.0-alpha-dev
commit 551dba3290cc77b512dc339bab4a7a81d1892c7c Author: Nick MathewsonDate: Fri Sep 25 09:27:39 2015 -0400 Bump master to 0.2.8.0-alpha-dev --- configure.ac|2 +- contrib/win32build/tor-mingw.nsi.in |2 +- src/win32/orconfig.h|2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index b190522..a6fa1cb 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information -AC_INIT([tor],[0.2.7.3-rc-dev]) +AC_INIT([tor],[0.2.8.0-alpha-dev]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 5c5b35b..2da4210 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.7.3-rc-dev" +!define VERSION "0.2.8.0-alpha-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/; !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 61677fe..c0b14e5 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -232,7 +232,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.7.3-rc-dev" +#define VERSION "0.2.8.0-alpha-dev" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits