[tor-commits] [translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties

[translation]

commit 5e38353f61d45d7c4e718deb66699fc75cb3f415
Author: Translation commit bot 
Date:   Sat Sep 26 05:45:54 2015 +

Update translations for torbutton-torbuttonproperties
---
 he/torbutton.properties |   10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/he/torbutton.properties b/he/torbutton.properties
index dd21931..fbeab66 100644
--- a/he/torbutton.properties
+++ b/he/torbutton.properties
@@ -14,11 +14,11 @@ torbutton.panel.plugins.disabled = לחץ להפעלת 
תוספים
 torbutton.panel.plugins.enabled = לחץ לכיבוי תוספים
 torbutton.panel.label.disabled = Tor מכובה
 torbutton.panel.label.enabled = Tor פועל
-extensions.torbut...@torproject.org.description = Torbutton provides a button 
to configure Tor settings and quickly and easily clear private browsing data.
-torbutton.popup.history.warning = Torbutton חסם פעילות מטאב שנ
טען במצב אחר של Tor.\n\nפעולה זו נועדה לעקוף את 
הבאגים 409737 ו-417869 בפיירפוקס.\n\nאם הודעה זו נ
ראית ללא כל סיבה, יתכן שאחד האתרים מנסה 
לטעון את עצמו מחדש ברקע, ופעולה זו נ
חסמה.\n\nכדי לטעון מחדש אתר בעזרת Tor, לחץ על אנ
טר בשורת הכתובת שלו.\n\n
-torbutton.popup.plugin.warning = Torbutton חסם טעינה של תוכן 
תוספים.\n\nאנא השתמש באפשרות "שמור בשם" 
במקום.\n\n
-torbutton.popup.confirm_ca_certs = הערת Torbutton: נראה שאין לך 
רשויות אישורים מותאמים אישית. בחינת רשימת 
הרשויות היא פעולה איטית אשר מאיטה את Tor. האם 
אתה רוצה לבטל את הבידוד של תעודות מוסמכות? 
(אם אתם לא מבינים את זה, זה בטוח ללחוץ על 
אישור)
-torbutton.popup.ff3.warning = אזהרה!\n\nTorbutton בדפדפן Firefox 3 
ידוע בהדלפת מידע דוגמת אזור זמן דרך Tor.\n\nהאם 
ברצונך להמשיך למרות זאת?
+extensions.torbut...@torproject.org.description = Torbutton מספק לך 
כפתור להגדרה נוחה של Tor ולניקיון מהיר של נ
תוני הגלישה הפרטיים שלך.
+torbutton.popup.history.warning = Torbutton חסם פעילות מטאב שנ
טען במצב אחר של Tor.\n\nפעולה זו נועדה לגבור על 
באגים 409737 ו-417869 בפיירפוקס.\n\nאם הודעה זו צצה 
ללא סיבה נראית לעין, ייתכן שאחד האתרים ניסה 
לרענן את עצמו ברקע, ופעולה זו נחסמה.\n\nכדי 
לרענן אתר במצב Tor הנוכחי , לחץ על מקש Enter 
במקלדת בעת שהסמן מהבהב בשורת הכתובת 
בדפדפן.\n\n
+torbutton.popup.plugin.warning = Torbutton חסם טעינה ישירה של 
תוכן תוספים.\n\nאנא השתמש באפשרות "שמור בשם" 
במקום זאת.\n\n
+torbutton.popup.confirm_ca_certs = הערת Torbutton: נראה שאין לך 
רשויות אישורים מותאמות אישית. בחינת רשימת 
הרשויות היא פעולה איטית אשר מאיטה את Tor. האם 
אתה רוצה לבטל את בידודם של אישורי רשויות 
האישורים? (אם אינך מבין הודעה זו, תוכל ללחוץ 
על אישור ללא חשש)
+torbutton.popup.ff3.warning = אזהרה!\n\nTorbutton בדפדפן Firefox 3 
מדליף בוודאות את נתוני אזור הזמן והסימניות 
החיות שלך.\n\nהאם ברצונך להמשיך בכל זאת?
 torbutton.popup.toggle.warning = עליך להפעיל או לאתחל את 
Tor על מנת שההגדרות יכנסו לתוקפן.
 torbutton.popup.test.success = בדיקת הפרוקסי של Tor עברה 
בהצלחה!
 torbutton.popup.test.failure = בדיקת הפרוקסי של Tor נכשלה! 
בדוק את הגדרות הפרוקסי ו-Polipo.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-branddtd_completed] Update translations for torbutton-branddtd_completed

[translation]

commit 0188902db93f530567e86b2e85b2977c1f3ebedb
Author: Translation commit bot 
Date:   Sat Sep 26 05:45:48 2015 +

Update translations for torbutton-branddtd_completed
---
 he/brand.dtd |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/he/brand.dtd b/he/brand.dtd
index 37414dd..53a93bb 100644
--- a/he/brand.dtd
+++ b/he/brand.dtd
@@ -11,5 +11,5 @@
 
 
 
-
+
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-branddtd] Update translations for torbutton-branddtd

[translation]

commit 58cf13fbebdb5d15392130c00616462cb15d5f5b
Author: Translation commit bot 
Date:   Sat Sep 26 05:45:45 2015 +

Update translations for torbutton-branddtd
---
 he/brand.dtd |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/he/brand.dtd b/he/brand.dtd
index 37414dd..53a93bb 100644
--- a/he/brand.dtd
+++ b/he/brand.dtd
@@ -11,5 +11,5 @@
 
 
 
-
+
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torcheck_completed] Update translations for torcheck_completed

[translation]

commit a37d5aaf9d14b7d6fa31d1450d00da71d098b6e4
Author: Translation commit bot 
Date:   Sat Sep 26 05:15:12 2015 +

Update translations for torcheck_completed
---
 he/torcheck.po |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/he/torcheck.po b/he/torcheck.po
index 1e4ad5f..6ae0b0f 100644
--- a/he/torcheck.po
+++ b/he/torcheck.po
@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2015-09-24 05:54+\n"
+"PO-Revision-Date: 2015-09-26 05:12+\n"
 "Last-Translator: Johnny Diralenzo\n"
 "Language-Team: Hebrew 
(http://www.transifex.com/otf/torproject/language/he/)\n"
 "MIME-Version: 1.0\n"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torcheck] Update translations for torcheck

[translation]

commit c0061a2a3868e347312fe69b4e4df2f7ea2f21f7
Author: Translation commit bot 
Date:   Sat Sep 26 05:15:09 2015 +

Update translations for torcheck
---
 he/torcheck.po |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/he/torcheck.po b/he/torcheck.po
index 1e4ad5f..6ae0b0f 100644
--- a/he/torcheck.po
+++ b/he/torcheck.po
@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "POT-Creation-Date: 2012-02-16 20:28+PDT\n"
-"PO-Revision-Date: 2015-09-24 05:54+\n"
+"PO-Revision-Date: 2015-09-26 05:12+\n"
 "Last-Translator: Johnny Diralenzo\n"
 "Language-Team: Hebrew 
(http://www.transifex.com/otf/torproject/language/he/)\n"
 "MIME-Version: 1.0\n"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit ab978d568357fe613a737239a77ddd65fcf0eef4
Author: Translation commit bot 
Date:   Sat Sep 26 04:45:15 2015 +

Update translations for https_everywhere
---
 he/ssl-observatory.dtd |   36 ++--
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd
index 28e28e6..3c6e552 100644
--- a/he/ssl-observatory.dtd
+++ b/he/ssl-observatory.dtd
@@ -3,9 +3,9 @@
 
 
 
-
+
 
 
 
 
+"האם ברצונך ש-HTTPS בכל מקום יסתייע 
במאגר התעודות המקוון?">
 
 
 
 
 
 
+"אפשרות זו בטוחה לשימוש, אלא אם כן אתה משתמש 
ברשת תאגידית פולשנית מאוד:">
 
 
+"אין סכנה, אלא אם כן אתה משתמש ברשת תאגידית 
סגורה ששמות שרתים סודיים:">
 
 
+"שלח לבדיקה כל אישור שנחתם על ידי רשות 
אישורים עליונה לא תקנית">
 
 
 
-
+
 
+"בצע את הליך אימות האישורים דרך הרשת של Tor 
על מנת לשמור על פרטיותך (מחייב שימוש ב-Tor).">
 
+"אפשרות זאת תפעל רק במקרה ש-Tor כבר מותקן 
ומופעל.">
 
 
+"כשתראה אישור חדש, עדכן את מאגר האישורים 
המקוון בזהות ספק האינטרנט שלך">
 
 
+"זה יאחזר וישלח את מספר המערכת האוטונ
ומי של הרשת שלך. דבר זה יעזור לנו למקם 
מתקפות על HTTPS ויקבע האם נקבל דיווחים מרשתות 
במקומות כמו איראן וסוריה שבהם מתקפות שכאלה 
שכיחות יחסית.">
 
 
 
 
+"זה יבדוק את התעודות שתישלחנה אל מול רשימת 
האישורים המבוטלים. לצערנו הרב איננו יכולים 
להתחייב שנאתר כל תעודה שפג תוקפה, אך אם בכל 
זאת תוצג התרעה ישנו סיכוי סביר שמשהו השתבש.">
 
 
 
 
+"HTTPS בכל מקום יכול להשתמש במאגר 
האישורים המקוון של EFF. אם תפעיל אפשרות זו 
היא תביא לתוצאות הבאות: 
+(1) יישלחו עותקים מאישורי HTTPS למאגר, כדי 
לעזור לנו ליירט התקפות אדם באמצע 
ולשפר את אבטחת הרשת;  ו-(2) נוכל להתריע בפניך 
על חיבורים לא מאובטחים ועל מתקפות על הדפדפן 
שלך.">
 
 
 
 https://www.something.com, 
האישור שהתקבל על ידי המצפה יציין שמישהו 
ביקר ב www.something.com, אבל לא מי ביקר באתר, או על 
איזה עמוד ספציפי הם הסתכלו. תעבור עם העכבר 
על האפשרויות בשביל פרטים נוספים:">
+"לדוגמא, כאשר אתה מבקר ב-  https://www.something.com, 
האישור שיתקבל אצלנו במאגר יעיד על כך שמישהו 
ביקר ב- www.something.com, אך ללא פרטים על זהות המבקר 
או על העמודים הספציפיים אליהם גלש. עבור עם 
סמן העכבר על האפשרויות לקבלת פרטים נוספים:">
 
 
 
 
+"בדוק אישורים גם כשאינך מחובר לרשת Tor">
 
 
+"אמנם נשתדל לשמור על פרטיות הנתונים, אבל 
אפשרות זאת בטוחה פחות">
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit 7b0ec0d1b511809cf7739d2010220bdd6a6035e8
Author: Translation commit bot 
Date:   Sat Sep 26 04:15:16 2015 +

Update translations for https_everywhere
---
 he/https-everywhere.dtd|   34 +-
 he/https-everywhere.properties |6 +++---
 2 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/he/https-everywhere.dtd b/he/https-everywhere.dtd
index e750dc1..7b7e540 100644
--- a/he/https-everywhere.dtd
+++ b/he/https-everywhere.dtd
@@ -1,36 +1,36 @@
-
-
-
+
+
+
 
 
 
 
-
+
 
 
 
 
 
-
+
 
-
-
+
+
 
-
+
 
 
-
+
 
 
 
 
 
-
+
 
 
 
 
-
+
 
 
 
@@ -38,13 +38,13 @@
 
 
 
-
-
+
+
 
-
-
-
+
+
+
 
-
+
 
 
diff --git a/he/https-everywhere.properties b/he/https-everywhere.properties
index c1c604f..ae26949 100644
--- a/he/https-everywhere.properties
+++ b/he/https-everywhere.properties
@@ -1,8 +1,8 @@
 https-everywhere.menu.globalEnable = להפעיל את HTTPS Everywhere
-https-everywhere.menu.globalDisable = להשבית את HTTPS Everywhere
+https-everywhere.menu.globalDisable = להשבית את "HTTPS בכל מקום"
 https-everywhere.menu.enableDisable = להפעיל/להשבית כללים
 https-everywhere.menu.noRules = (אין כללים עבור דף זה)
 https-everywhere.menu.unknownRules = (כללים לדף זה אינם 
ידועים)
-https-everywhere.toolbar.hint = ‏HTTPS Everywhere מופעל כעת. 
באפשרותך להחליף את מצב פעילותו על בסיס של 
צורה משותפת על ידי הקלקה על הסמל אשר בתוך 
שורת הכתובת.
-https-everywhere.migration.notification0 = כדי ליישם תיקון 
חיוני, עדכון זה מאפס את כללי העדפות של HTTPS 
בכל מקום לערכי ברירת המחדל שלהם.
+https-everywhere.toolbar.hint = ‏"HTTPS בכל מקום" פועל כעת. 
באפשרותך להתאים את מצב פעילותו לכל אתר בנ
פרד על ידי לחיצה על הצלמית שבתוך שורת 
הכתובת.
+https-everywhere.migration.notification0 = כדי לתקן תקלה 
חמורה, עדכון זה יאפס את כל כללי "HTTPS בכל מקום" 
לערכי ברירת המחדל שלהם.
 https-everywhere.menu.ruleset-tests = הפעל HTTPS בכל מקום 
בדיקות Ruleset

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 5352525512b669851931f7dafcb1c95ab70ad6cc
Author: Translation commit bot 
Date:   Sat Sep 26 04:45:21 2015 +

Update translations for https_everywhere_completed
---
 he/ssl-observatory.dtd |   38 +++---
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd
index 28e28e6..c4794b1 100644
--- a/he/ssl-observatory.dtd
+++ b/he/ssl-observatory.dtd
@@ -3,9 +3,9 @@
 
 
 
-
+
 
 
 
 
+"האם ברצונך ש-HTTPS בכל מקום יסתייע 
במאגר התעודות המקוון?">
 
 
 
 
 
 
+"אפשרות זו בטוחה לשימוש, אלא אם כן אתה משתמש 
ברשת תאגידית פולשנית מאוד:">
 
 
+"אין סכנה, אלא אם כן אתה משתמש ברשת תאגידית 
סגורה ששמות שרתים סודיים:">
 
 
+"שלח לבדיקה כל אישור שנחתם על ידי רשות 
אישורים עליונה לא תקנית">
 
 
 
-
+
 
+"בצע את הליך אימות האישורים דרך הרשת של Tor 
על מנת לשמור על פרטיותך (מחייב שימוש ב-Tor).">
 
+"אפשרות זאת תפעל רק במקרה ש-Tor כבר מותקן 
ומופעל.">
 
 
+"כשתראה אישור חדש, עדכן את מאגר האישורים 
המקוון בזהות ספק האינטרנט שלך">
 
 
+"זה יאחזר וישלח את מספר המערכת האוטונ
ומי של הרשת שלך. דבר זה יעזור לנו למקם 
מתקפות על HTTPS ויקבע האם נקבל דיווחים מרשתות 
במקומות כמו איראן וסוריה שבהם מתקפות שכאלה 
שכיחות יחסית.">
 
 
 
 
+"זה יבדוק את התעודות שתישלחנה אל מול רשימת 
האישורים המבוטלים. לצערנו הרב איננו יכולים 
להתחייב שנאתר כל תעודה שפג תוקפה, אך אם בכל 
זאת תוצג התרעה ישנו סיכוי סביר שמשהו השתבש.">
 
 
 
 
+"HTTPS בכל מקום יכול להשתמש במאגר 
האישורים המקוון של EFF. אם תפעיל אפשרות זו 
היא תביא לתוצאות הבאות: 
+(1) יישלחו עותקים מאישורי HTTPS למאגר, כדי 
לעזור לנו ליירט התקפות אדם באמצע 
ולשפר את אבטחת הרשת;  ו-(2) נוכל להתריע בפניך 
על חיבורים לא מאובטחים ועל מתקפות על הדפדפן 
שלך.">
 
 
 
 https://www.something.com, 
האישור שהתקבל על ידי המצפה יציין שמישהו 
ביקר ב www.something.com, אבל לא מי ביקר באתר, או על 
איזה עמוד ספציפי הם הסתכלו. תעבור עם העכבר 
על האפשרויות בשביל פרטים נוספים:">
+"לדוגמא, כאשר אתה מבקר ב-  https://www.something.com, 
האישור שיתקבל אצלנו במאגר יעיד על כך שמישהו 
ביקר ב- www.something.com, אך ללא פרטים על זהות המבקר 
או על העמודים הספציפיים אליהם גלש. עבור עם 
סמן העכבר על האפשרויות לקבלת פרטים נוספים:">
 
 
 
 
+"בדוק אישורים גם כשאינך מחובר לרשת Tor">
 
 
+"אמנם נשתדל לשמור על פרטיות הנתונים, אבל 
אפשרות זאת בטוחה פחות">
 
 
+"שלח לבדיקה אישורים עבור שמות מתחם שאינם נ
חלת הכלל">
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage_completed] Update translations for abouttor-homepage_completed

[translation]

commit b8415a512254142a32efa13d2384203c490bb064
Author: Translation commit bot 
Date:   Sat Sep 26 05:16:01 2015 +

Update translations for abouttor-homepage_completed
---
 he/aboutTor.dtd |   20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/he/aboutTor.dtd b/he/aboutTor.dtd
index e6fcce3..5b534a2 100644
--- a/he/aboutTor.dtd
+++ b/he/aboutTor.dtd
@@ -8,7 +8,7 @@
 
 
 
-
+
 
 
 
@@ -30,20 +30,20 @@
 
 
 
-
+
 
-
-
+
+
 https://www.torproject.org/download/download.html.en#warning;>
 
-
-
+
+
 https://www.torproject.org/docs/tor-doc-relay.html.en;>
-
+
 https://www.torproject.org/getinvolved/volunteer.html.en;>
-
+
 https://www.torproject.org/donate/donate.html.en;>
 
-
-
+
+
 https://www.torproject.org/about/overview.html.en;>

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere_completed] Update translations for https_everywhere_completed

[translation]

commit 145258529bc9bdf83523e4e30f996e7a3df2d31a
Author: Translation commit bot 
Date:   Sat Sep 26 05:15:30 2015 +

Update translations for https_everywhere_completed
---
 he/ssl-observatory.dtd |   32 
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd
index c4794b1..bc41680 100644
--- a/he/ssl-observatory.dtd
+++ b/he/ssl-observatory.dtd
@@ -4,8 +4,8 @@
 
 
 
+נגד הדפדפן שלך עי חיפוש אישורי אבטחה 
המתקבלים מאתרים בתוך
+ מאגר האישורים המקוון. להפעיל?">
 
 
 
 
+"האם ברצונך ש-HTTPS בכל מקום יסתייע 
במאגר האישורים המקוון?">
 
 
 
@@ -44,10 +44,10 @@ to turn it on?">-->
 "זה יאחזר וישלח את מספר המערכת האוטונ
ומי של הרשת שלך. דבר זה יעזור לנו למקם 
מתקפות על HTTPS ויקבע האם נקבל דיווחים מרשתות 
במקומות כמו איראן וסוריה שבהם מתקפות שכאלה 
שכיחות יחסית.">
 
 
+"הצג התרעה כאשר מאגר האישורים מזהה אישור 
שתוקפו פג מבלי שהדפדפן גילה זאת.">
 
 
+"זה יבדוק את האישורים שיישלחו אל מול רשימת 
האישורים המבוטלים. לצערנו הרב איננו יכולים 
להתחייב שנאתר כל אישור שתוקפו פג, אך אם בכל 
זאת תוצג התרעה ישנו סיכוי סביר שמשהו השתבש.">
 
 
 
@@ -76,20 +76,20 @@ Mouseover the options for further details:">-->
 "שלח לבדיקה אישורים עבור שמות מתחם שאינם נ
חלת הכלל">
 
 
+"אלא אם אפשרות זאת סומנה, המאגר לא ישמור 
אישורים עבור שמות מתחם שאינם מופיעים 
במאגרי שמות המתחם הציבוריים">
 
-
+
 
-
+
 
-
-
-
-
-
-
+
+
+
+
+
+
 
 
+"שלח לבדיקה אישורים חתומים עצמית">
 
+"אפשרות זו מומלצת; בעיות הצפנה נפוצות 
במיוחד בקרב מערכות משובצות מחשב המשתמשות 
באישורי אבטחה חתומים עצמית">

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/https_everywhere] Update translations for https_everywhere

[translation]

commit c36fcb7b46e08fb04bef26ae51307c93079503a4
Author: Translation commit bot 
Date:   Sat Sep 26 05:15:21 2015 +

Update translations for https_everywhere
---
 he/ssl-observatory.dtd |   34 +-
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/he/ssl-observatory.dtd b/he/ssl-observatory.dtd
index 3c6e552..bc41680 100644
--- a/he/ssl-observatory.dtd
+++ b/he/ssl-observatory.dtd
@@ -4,8 +4,8 @@
 
 
 
+נגד הדפדפן שלך עי חיפוש אישורי אבטחה 
המתקבלים מאתרים בתוך
+ מאגר האישורים המקוון. להפעיל?">
 
 
 
 
+"האם ברצונך ש-HTTPS בכל מקום יסתייע 
במאגר האישורים המקוון?">
 
 
 
@@ -44,10 +44,10 @@ to turn it on?">-->
 "זה יאחזר וישלח את מספר המערכת האוטונ
ומי של הרשת שלך. דבר זה יעזור לנו למקם 
מתקפות על HTTPS ויקבע האם נקבל דיווחים מרשתות 
במקומות כמו איראן וסוריה שבהם מתקפות שכאלה 
שכיחות יחסית.">
 
 
+"הצג התרעה כאשר מאגר האישורים מזהה אישור 
שתוקפו פג מבלי שהדפדפן גילה זאת.">
 
 
+"זה יבדוק את האישורים שיישלחו אל מול רשימת 
האישורים המבוטלים. לצערנו הרב איננו יכולים 
להתחייב שנאתר כל אישור שתוקפו פג, אך אם בכל 
זאת תוצג התרעה ישנו סיכוי סביר שמשהו השתבש.">
 
 
 
@@ -73,23 +73,23 @@ Mouseover the options for further details:">-->
 "אמנם נשתדל לשמור על פרטיות הנתונים, אבל 
אפשרות זאת בטוחה פחות">
 
 
+"שלח לבדיקה אישורים עבור שמות מתחם שאינם נ
חלת הכלל">
 
 
+"אלא אם אפשרות זאת סומנה, המאגר לא ישמור 
אישורים עבור שמות מתחם שאינם מופיעים 
במאגרי שמות המתחם הציבוריים">
 
-
+
 
-
+
 
-
-
-
-
-
-
+
+
+
+
+
+
 
 
+"שלח לבדיקה אישורים חתומים עצמית">
 
+"אפשרות זו מומלצת; בעיות הצפנה נפוצות 
במיוחד בקרב מערכות משובצות מחשב המשתמשות 
באישורי אבטחה חתומים עצמית">

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage] Update translations for abouttor-homepage

[translation]

commit 413685127b36348e27d32845af8f24c975ccb2d6
Author: Translation commit bot 
Date:   Sat Sep 26 05:15:57 2015 +

Update translations for abouttor-homepage
---
 he/aboutTor.dtd |   20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/he/aboutTor.dtd b/he/aboutTor.dtd
index e6fcce3..5b534a2 100644
--- a/he/aboutTor.dtd
+++ b/he/aboutTor.dtd
@@ -8,7 +8,7 @@
 
 
 
-
+
 
 
 
@@ -30,20 +30,20 @@
 
 
 
-
+
 
-
-
+
+
 https://www.torproject.org/download/download.html.en#warning;>
 
-
-
+
+
 https://www.torproject.org/docs/tor-doc-relay.html.en;>
-
+
 https://www.torproject.org/getinvolved/volunteer.html.en;>
-
+
 https://www.torproject.org/donate/donate.html.en;>
 
-
-
+
+
 https://www.torproject.org/about/overview.html.en;>

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-aboutdialogdtd] Update translations for torbutton-aboutdialogdtd

[translation]

commit f40225865a0ecbb65d6e014cf20b4e6196832b87
Author: Translation commit bot 
Date:   Sat Sep 26 05:16:24 2015 +

Update translations for torbutton-aboutdialogdtd
---
 he/aboutdialog.dtd |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/he/aboutdialog.dtd b/he/aboutdialog.dtd
index 097a3be..e39a7e5 100644
--- a/he/aboutdialog.dtd
+++ b/he/aboutdialog.dtd
@@ -1,11 +1,11 @@
 
 
-
+
 
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/torbutton-aboutdialogdtd_completed] Update translations for torbutton-aboutdialogdtd_completed

[translation]

commit 7cff42829e106fbd782a7594a09016e87c8d9367
Author: Translation commit bot 
Date:   Sat Sep 26 05:16:27 2015 +

Update translations for torbutton-aboutdialogdtd_completed
---
 he/aboutdialog.dtd |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/he/aboutdialog.dtd b/he/aboutdialog.dtd
index 097a3be..e39a7e5 100644
--- a/he/aboutdialog.dtd
+++ b/he/aboutdialog.dtd
@@ -1,11 +1,11 @@
 
 
-
+
 
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] bump dev version to 0.2.7.3-rc

[nickm]

commit 18f8c87a14757f52e32e06d9a1a59a01cb95c8ea
Author: Nick Mathewson 
Date:   Fri Sep 25 12:29:02 2015 -0400

bump dev version to 0.2.7.3-rc
---
 Makefile |2 +-
 include/versions.wmi |2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 0ddf8e6..d949bdf 100644
--- a/Makefile
+++ b/Makefile
@@ -15,7 +15,7 @@
 # website component, and set it to needs_review.
 
 export STABLETAG=tor-0.2.6.10
-export DEVTAG=tor-0.2.7.2-alpha
+export DEVTAG=tor-0.2.7.3-rc
 
 WMLBASE=.
 SUBDIRS=docs eff projects press about download getinvolved donate 
docs/torbutton
diff --git a/include/versions.wmi b/include/versions.wmi
index 1ee5d43..8162d0a 100644
--- a/include/versions.wmi
+++ b/include/versions.wmi
@@ -1,5 +1,5 @@
 0.2.6.10
-0.2.7.2-alpha
+0.2.7.3-rc
 
 0.2.6.10
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Add proposal for padding negotiation.

[isis]

commit d159f9a820a2793f402de89782446e0833795267
Author: Mike Perry 
Date:   Wed Sep 9 18:11:05 2015 -0700

Add proposal for padding negotiation.

This is the version initially posted to tor-dev@lists.
---
 proposals/xxx-padding-negotiation.txt |  392 +
 1 file changed, 392 insertions(+)

diff --git a/proposals/xxx-padding-negotiation.txt 
b/proposals/xxx-padding-negotiation.txt
new file mode 100644
index 000..66d8991
--- /dev/null
+++ b/proposals/xxx-padding-negotiation.txt
@@ -0,0 +1,392 @@
+Filename: xxx-padding-negotiation.txt
+Title: Padding Negotiation
+Authors: Mike Perry
+Created: 01 September 2015
+Status: Draft
+
+
+0. Overview
+
+This proposal aims to describe mechanisms for requesting various types
+of padding from relays.
+
+These padding primitives are general enough to use to defend against
+both website traffic fingerprinting as well as hidden service circuit
+setup fingerprinting.
+
+
+1. Motivation
+
+Tor already supports both link-level padding via (CELL_PADDING cell
+types), as well as circuit-level padding (via RELAY_COMMAND_DROP relay
+cells).
+
+Unfortunately, there is no way for clients to request padding from
+relays, or request that relays not send them padding to conserve
+bandwidth. This proposal aims to create a mechanism for clients to do
+both of these.
+
+
+2. Link-level padding
+
+Padding is most urgently needed to defend against a malicious or
+compromised guard node. However, link-level padding is still useful to
+defend against an adversary that can merely observe a Guard node
+externally. Right now, the only case where link-level padding is known
+to defend against any realistic attacker is for low-resolution
+netflow-based attacks.
+
+In that scenario, the primary mechanism we need is a way for mobile
+clients to tell their Guards to stop padding, or to pad less often. The
+following Trunnel payloads should cover the needed parameters:
+
+const CELL_PADDING_COMMAND_STOP = 1;
+const CELL_PADDING_COMMAND_START = 2;
+
+/* This command tells the relay to stop sending any periodic
+   CELL_PADDING cells. */
+struct cell_padding_stop {
+  u8 command IN [CELL_PADDING_COMMAND_STOP];
+};
+
+/* This command tells the relay to alter its min and max timeout
+   range values, and if needed, send 
+struct cell_padding_start {
+  u8 command IN [CELL_PADDING_COMMAND_START];
+
+  /* Min must not be lower than the current consensus parameter
+ nf_ito_low. */
+  u16 ito_low_ms;
+
+  /* Max must not be lower than ito_low_ms */
+  u16 ito_high_ms;
+};
+
+If more scenarios are discovered, future command numbers could be used
+to include the end-to-end padding command payloads below, or other
+defense parameterizations.
+
+
+3. End-to-end circuit padding
+
+For end-to-end padding, we need two types of additional features: the
+ability to schedule additional incoming cells at one or more fixed
+points in the future, and the ability to schedule a statistical
+distribution of arbitrary padding to overlay on top of non-padding
+traffic (aka "Adaptive Padding").
+
+In both cases, these messages will be sent from clients to middle nodes
+using "leaky pipe" property of the 'recognized' field of RELAY cells,
+allowing padding to originate from middle nodes on a circuit in a way
+that is not detectable from the Guard node.
+
+3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE)
+
+The fixed schedule padding will be encoded in a
+RELAY_COMMAND_PADDING_SCHEDULE cell. It specifies a set of up to 80
+fixed time points in the future to send cells.
+
+XXX: 80 timers is a lot to allow every client to create. We may want to
+have something that checks this structure to ensure it actually
+schedules no more than N in practice, until we figure out how to
+optimize either libevent or timer scheduling/packet delivery.
+
+The RELAY_COMMAND_PADDING_SCHEDULE body is specified in Trunnel as
+follows:
+
+struct relay_padding_schedule {
+   /* Number of microseconds before sending cells (cumulative) */
+   u32 when_send[80];
+
+   /* Number of cells to send at time point sum(when_send[0..i]) */
+   u16 num_cells[80];
+ 
+   /* Adaptivity: If 1, and server-originating cells arrive before the
+  next when_send time, then decrement the next non-zero when_send
+  index, so we don't send a padding cell then, too */
+   u8 adaptive IN [0,1];
+};
+
+To allow both high-resolution time values, and the ability to specify
+timeout values far in the future, the time values are cumulative. In
+other words, sending a cell with when_send = [MAX_INT, MAX_INT, MAX_INT,
+0...] and num_cells = [0, 0, 100, 0...] would cause the relay to reply
+with 100 cells in 3*MAX_INT microseconds from the receipt of this cell.
+ 
+3.2. Adaptive Padding message (RELAY_COMMAND_PADDING_ADAPTIVE)
+
+The following message is derived from the 

[tor-commits] [torspec/master] Allow infinity transitions to be programmable.

[isis]

commit ec84f2c788a1b08047fea854b2ed71d08eb94076
Author: Mike Perry 
Date:   Fri Sep 11 18:37:32 2015 -0700

Allow infinity transitions to be programmable.

Forgetting to specify the infinity transitions causes the state machine to
just shut down.
---
 proposals/xxx-padding-negotiation.txt |   12 +---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/proposals/xxx-padding-negotiation.txt 
b/proposals/xxx-padding-negotiation.txt
index 4202540..0292f22 100644
--- a/proposals/xxx-padding-negotiation.txt
+++ b/proposals/xxx-padding-negotiation.txt
@@ -174,6 +174,7 @@ specified in Trunnel as follows:
 const RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT = 2;
 const RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT = 4;
 const RELAY_PADDING_TRANSITION_EVENT_PADDING_RECV = 8;
+const RELAY_PADDING_TRANSITION_EVENT_INFINITY = 16;
 
 /* This payload encodes a histogram delay distribution representing
  * the probability of sending a single RELAY_DROP cell after a
@@ -273,7 +274,7 @@ This causes it to enter burst mode (state B), in which a 
delay t is
 sampled from the Burst histogram, and a timer is scheduled to count down
 until either another matching packet arrives, or t expires. If the
 "Infinity" time is sampled from this histogram, the machine returns to
-the Start state.
+the lowest state with the INFINITY event bit set.
 
 If a packet that matches machines[i].burst.transition_start_events
 arrives before t expires, the machine transitions back to the Start
@@ -290,7 +291,8 @@ arrives (or is sent), the machine transitions to the Gap 
state G.
 
 In state G, the machine samples from the Gap histogram and sends padding
 messages when the time it samples expires. If an infinite delay is
-sampled while being in state G we jump back to state B.
+sampled while being in state G we jump back to state B or S,
+depending upon the usage of the infinity event bitmask.
 
 If a packet arrives that matches gap.transition_start_events, the
 machine transitions back to the Start state.
@@ -349,11 +351,15 @@ the relay state machines:
  machines[0].burst.transition_gap_events =
 RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT;
 
+ machines[0].burst.transition_start_events =
+RELAY_PADDING_TRANSITION_EVENT_INFINITY;
+
  machines[0].gap.transition_reschedule_events =
 RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT;
 
  machines[0].gap.transition_burst_events =
-RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT;
+RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT |
+RELAY_PADDING_TRANSITION_EVENT_INFINITY;
 
 The rest of the transition fields would be 0.
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Generalize state transition capability.

[isis]

commit 9703c86274bdeac3e7dde5c571210660e782dc5d
Author: Mike Perry 
Date:   Fri Sep 11 15:12:24 2015 -0700

Generalize state transition capability.

Also allow the histograms to be variable in size.
---
 proposals/xxx-padding-negotiation.txt |  261 -
 1 file changed, 192 insertions(+), 69 deletions(-)

diff --git a/proposals/xxx-padding-negotiation.txt 
b/proposals/xxx-padding-negotiation.txt
index 66d8991..005045a 100644
--- a/proposals/xxx-padding-negotiation.txt
+++ b/proposals/xxx-padding-negotiation.txt
@@ -34,7 +34,7 @@ compromised guard node. However, link-level padding is still 
useful to
 defend against an adversary that can merely observe a Guard node
 externally. Right now, the only case where link-level padding is known
 to defend against any realistic attacker is for low-resolution
-netflow-based attacks.
+netflow-based attacks (see Proposal 251[1]).
 
 In that scenario, the primary mechanism we need is a way for mobile
 clients to tell their Guards to stop padding, or to pad less often. The
@@ -50,7 +50,8 @@ following Trunnel payloads should cover the needed parameters:
 };
 
 /* This command tells the relay to alter its min and max timeout
-   range values, and if needed, send 
+   range values, and send padding at that rate (resuming if
+   stopped). */
 struct cell_padding_start {
   u8 command IN [CELL_PADDING_COMMAND_START];
 
@@ -62,9 +63,10 @@ following Trunnel payloads should cover the needed 
parameters:
   u16 ito_high_ms;
 };
 
-If more scenarios are discovered, future command numbers could be used
-to include the end-to-end padding command payloads below, or other
-defense parameterizations.
+More complicated forms of link padding can still be specified using
+the primitives in Section 3, by using "leaky pipe" topology to send
+the RELAY commands to the Guard node instead of to later nodes in the
+circuit.
 
 
 3. End-to-end circuit padding
@@ -78,7 +80,8 @@ traffic (aka "Adaptive Padding").
 In both cases, these messages will be sent from clients to middle nodes
 using "leaky pipe" property of the 'recognized' field of RELAY cells,
 allowing padding to originate from middle nodes on a circuit in a way
-that is not detectable from the Guard node.
+that is not detectable from the Guard node. This same mechanism can also
+be used to request padding from the Guard node itself.
 
 3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE)
 
@@ -100,7 +103,7 @@ follows:
 
/* Number of cells to send at time point sum(when_send[0..i]) */
u16 num_cells[80];
- 
+
/* Adaptivity: If 1, and server-originating cells arrive before the
   next when_send time, then decrement the next non-zero when_send
   index, so we don't send a padding cell then, too */
@@ -112,11 +115,11 @@ timeout values far in the future, the time values are 
cumulative. In
 other words, sending a cell with when_send = [MAX_INT, MAX_INT, MAX_INT,
 0...] and num_cells = [0, 0, 100, 0...] would cause the relay to reply
 with 100 cells in 3*MAX_INT microseconds from the receipt of this cell.
- 
+
 3.2. Adaptive Padding message (RELAY_COMMAND_PADDING_ADAPTIVE)
 
-The following message is derived from the Adaptive Padding defense
-specified in "Timing Attacks and Defenses"[1].
+The following message is a generalization of the Adaptive Padding
+defense specified in "Timing Attacks and Defenses"[2].
 
 The message encodes either one or two state machines, each of which
 contain two histograms ("Burst" and "Gap") governing their behavior.
@@ -133,37 +136,57 @@ distribution.
 Both "Gap" and "Burst" histograms each have a special "Infinity" bin,
 which means "We have decided not to send a packet".
 
-Each histograms is combined with state transition information, which
+Each histogram is combined with state transition information, which
 allows a client to specify the types of incoming packets that cause the
 state machine to decide to schedule padding cells (and/or when to cease
 scheduling them).
 
-The histograms and the associated state machines are specified in
-Trunnel as follows:
+Note that our generalization of the Adaptive Padding state machine
+actually gives clients full control over the state transition events,
+even allowing them to specify a single-state state machine if desired.
+See Sections 3.2.1 and 3.2.2 for details.
+
+The histograms and the associated state machine packet layout is
+specified in Trunnel as follows:
 
 /* These constants form a bitfield to specify the types of events
  * that can cause padding to start or stop from a given state. */
-const RELAY_PADDING_TRANSITION_EVENT_INFINITY_BIN = 0; // "Always set"
 const RELAY_PADDING_TRANSITION_EVENT_NONPADDING_RECV = 1;
 const RELAY_PADDING_TRANSITION_EVENT_NONPADDING_SENT = 2;
 const RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT = 4;
 const 

[tor-commits] [torspec/master] Note potential memory exhaustion DoS.

[isis]

commit 2b0eb5172f7d3effae6d3aabb2e15efd36926b1d
Author: Mike Perry 
Date:   Fri Sep 11 17:09:28 2015 -0700

Note potential memory exhaustion DoS.

Also clarify terminology and address some formatting issues.
---
 proposals/xxx-padding-negotiation.txt |  184 -
 1 file changed, 113 insertions(+), 71 deletions(-)

diff --git a/proposals/xxx-padding-negotiation.txt 
b/proposals/xxx-padding-negotiation.txt
index 005045a..4202540 100644
--- a/proposals/xxx-padding-negotiation.txt
+++ b/proposals/xxx-padding-negotiation.txt
@@ -26,19 +26,23 @@ relays, or request that relays not send them padding to 
conserve
 bandwidth. This proposal aims to create a mechanism for clients to do
 both of these.
 
+It also establishes consensus parameters to limit the amount of padding
+that relays will send, to prevent custom wingnut clients from requesting
+too much.
+
 
 2. Link-level padding
 
-Padding is most urgently needed to defend against a malicious or
+Padding is most useful if it can defend against a malicious or
 compromised guard node. However, link-level padding is still useful to
 defend against an adversary that can merely observe a Guard node
-externally. Right now, the only case where link-level padding is known
-to defend against any realistic attacker is for low-resolution
-netflow-based attacks (see Proposal 251[1]).
+externally, such as for low-resolution netflow-based attacks (see
+Proposal 251[1]).
 
-In that scenario, the primary mechanism we need is a way for mobile
-clients to tell their Guards to stop padding, or to pad less often. The
-following Trunnel payloads should cover the needed parameters:
+In that scenario, the primary negotiation mechanism we need is a way for
+mobile clients to tell their Guards to stop padding, or to pad less
+often. The following Trunnel payloads should cover the needed
+parameters:
 
 const CELL_PADDING_COMMAND_STOP = 1;
 const CELL_PADDING_COMMAND_START = 2;
@@ -49,9 +53,9 @@ following Trunnel payloads should cover the needed parameters:
   u8 command IN [CELL_PADDING_COMMAND_STOP];
 };
 
-/* This command tells the relay to alter its min and max timeout
-   range values, and send padding at that rate (resuming if
-   stopped). */
+/* This command tells the relay to alter its min and max netflow
+   timeout range values, and send padding at that rate (resuming
+   if stopped). */
 struct cell_padding_start {
   u8 command IN [CELL_PADDING_COMMAND_START];
 
@@ -63,25 +67,28 @@ following Trunnel payloads should cover the needed 
parameters:
   u16 ito_high_ms;
 };
 
-More complicated forms of link padding can still be specified using
-the primitives in Section 3, by using "leaky pipe" topology to send
-the RELAY commands to the Guard node instead of to later nodes in the
-circuit.
+More complicated forms of link-level padding can still be specified
+using the primitives in Section 3, by using "leaky pipe" topology to
+send the RELAY commands to the Guard node instead of to later nodes in
+the circuit.
 
 
 3. End-to-end circuit padding
 
-For end-to-end padding, we need two types of additional features: the
+For circuit-level padding, we need two types of additional features: the
 ability to schedule additional incoming cells at one or more fixed
 points in the future, and the ability to schedule a statistical
 distribution of arbitrary padding to overlay on top of non-padding
 traffic (aka "Adaptive Padding").
 
 In both cases, these messages will be sent from clients to middle nodes
-using "leaky pipe" property of the 'recognized' field of RELAY cells,
-allowing padding to originate from middle nodes on a circuit in a way
-that is not detectable from the Guard node. This same mechanism can also
-be used to request padding from the Guard node itself.
+using the "leaky pipe" property of the 'recognized' field of RELAY
+cells, allowing padding to originate from middle nodes on a circuit in a
+way that is not detectable from the Guard node.
+
+This same mechanism can also be used to request padding from the Guard
+node itself, to achieve link-level padding without the additional
+overhead requirements on middle nodes.
 
 3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE)
 
@@ -92,7 +99,8 @@ fixed time points in the future to send cells.
 XXX: 80 timers is a lot to allow every client to create. We may want to
 have something that checks this structure to ensure it actually
 schedules no more than N in practice, until we figure out how to
-optimize either libevent or timer scheduling/packet delivery.
+optimize either libevent or timer scheduling/packet delivery. See also
+Section 4.3.
 
 The RELAY_COMMAND_PADDING_SCHEDULE body is specified in Trunnel as
 follows:
@@ -121,8 +129,9 @@ with 100 cells in 3*MAX_INT microseconds from the receipt 
of this cell.
 The following message is a generalization of the Adaptive Padding
 defense 

[tor-commits] [torspec/master] Merge remote-tracking branch 'tpo-mikeperry/padding_negotiation-squashed'

[isis]

commit 45407cd6ad108aeae9d11e2df6db902d0fbb20b1
Merge: 887d1c1 8ee79e0
Author: Isis Lovecruft 
Date:   Fri Sep 25 11:33:16 2015 +

Merge remote-tracking branch 'tpo-mikeperry/padding_negotiation-squashed'

 proposals/xxx-padding-negotiation.txt |  628 +
 1 file changed, 628 insertions(+)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Update proposal based on Teor's comments.

[isis]

commit 69c95087851a09602034b6614a0cc0cfa53f03a9
Author: Mike Perry 
Date:   Sun Sep 13 18:39:32 2015 -0700

Update proposal based on Teor's comments.

Changes:

* A zero machines.transition_burst_events means an immediate
  transition to the burst state.
* Added RELAY_PADDING_TRANSITION_EVENT_BINS_EMPTY to allow a state
  transition when the bins become empty.
* Change remove_tokens to allow client to specify removal direction
  for non-padding packets.
* Make RELAY_COMMAND_PADDING_SCHEDULE take a variable number of scheduled
  times.
* Increase and clarify rate limits.
---
 proposals/xxx-padding-negotiation.txt |   62 -
 1 file changed, 45 insertions(+), 17 deletions(-)

diff --git a/proposals/xxx-padding-negotiation.txt 
b/proposals/xxx-padding-negotiation.txt
index 0292f22..b7d4e75 100644
--- a/proposals/xxx-padding-negotiation.txt
+++ b/proposals/xxx-padding-negotiation.txt
@@ -106,11 +106,13 @@ The RELAY_COMMAND_PADDING_SCHEDULE body is specified in 
Trunnel as
 follows:
 
 struct relay_padding_schedule {
+   u8 schedule_length IN [1..80];
+
/* Number of microseconds before sending cells (cumulative) */
-   u32 when_send[80];
+   u32 when_send[schedule_length];
 
/* Number of cells to send at time point sum(when_send[0..i]) */
-   u16 num_cells[80];
+   u16 num_cells[schedule_length];
 
/* Adaptivity: If 1, and server-originating cells arrive before the
   next when_send time, then decrement the next non-zero when_send
@@ -124,6 +126,10 @@ other words, sending a cell with when_send = [MAX_INT, 
MAX_INT, MAX_INT,
 0...] and num_cells = [0, 0, 100, 0...] would cause the relay to reply
 with 100 cells in 3*MAX_INT microseconds from the receipt of this cell.
 
+This scheduled padding is non-periodic. For any forms of periodic
+padding, implementations should use the RELAY_COMMAND_PADDING_ADAPTIVE
+cell from Section 3.2 instead.
+
 3.2. Adaptive Padding message (RELAY_COMMAND_PADDING_ADAPTIVE)
 
 The following message is a generalization of the Adaptive Padding
@@ -175,6 +181,13 @@ specified in Trunnel as follows:
 const RELAY_PADDING_TRANSITION_EVENT_PADDING_SENT = 4;
 const RELAY_PADDING_TRANSITION_EVENT_PADDING_RECV = 8;
 const RELAY_PADDING_TRANSITION_EVENT_INFINITY = 16;
+const RELAY_PADDING_TRANSITION_EVENT_BINS_EMPTY = 32;
+
+/* Token Removal rules. Enum, not bitfield. */
+const RELAY_PADDING_REMOVE_NO_TOKENS = 0;
+const RELAY_PADDING_REMOVE_LOWER_TOKENS = 1;
+const RELAY_PADDING_REMOVE_HIGHER_TOKENS = 2;
+const RELAY_PADDING_REMOVE_CLOSEST_TOKENS = 3;
 
 /* This payload encodes a histogram delay distribution representing
  * the probability of sending a single RELAY_DROP cell after a
@@ -205,7 +218,7 @@ specified in Trunnel as follows:
 
   /* If true, remove tokens from the histogram upon padding and
* non-padding activity. */
-  u8 remove_toks IN [0,1];
+  u8 remove_tokens IN [0..3];
 };
 
 /* This histogram encodes a delay distribution representing the
@@ -237,7 +250,7 @@ specified in Trunnel as follows:
 
   /* If true, remove tokens from the histogram upon padding and
  non-padding activity. */
-  u8 remove_toks IN [0,1];
+  u8 remove_tokens IN [0..3];
 };
 
 struct adaptive_padding_machine {
@@ -253,6 +266,9 @@ specified in Trunnel as follows:
 /* This is the full payload of a RELAY_COMMAND_PADDING_ADAPTIVE
  * cell. */
 struct relay_command_padding_adaptive {
+   /* Technically, we could allow more than 2 state machines here,
+  but only two are sure to fit. More than 2 seems excessive
+  anyway. */
u8 num_machines IN [1,2];
 
struct adaptive_padding_machine machines[num_machines];
@@ -268,7 +284,9 @@ Each state machine has a Start state S, a Burst state B, 
and a Gap state
 G.
 
 The state machine starts idle (state S) until it receives a packet of a
-type that matches the bitmask in machines[i].transition_burst_events.
+type that matches the bitmask in machines[i].transition_burst_events. If
+machines[i].transition_burst_events is 0, transition to the burst state
+happens immediately.
 
 This causes it to enter burst mode (state B), in which a delay t is
 sampled from the Burst histogram, and a timer is scheduled to count down
@@ -382,7 +400,7 @@ n = histogram_len-1
 INFINITY_BIN = n
 
 a[0] = start_usec;
-b[0] = start_usec + max_sec*USEC_PER_SEC/2^(n);
+b[0] = start_usec + max_sec*USEC_PER_SEC/2^(n-1);
 for(i=1; i < n; i++) {
   a[i] = start_usec + max_sec*USEC_PER_SEC/2^(n-i)
   b[i] = start_usec + max_sec*USEC_PER_SEC/2^(n-i-1)
@@ -416,18 +434,25 @@ accuracy to larger timescales (where accuracy is not as 
important).
 
 3.2.4. Token removal and refill
 
-If the remove_tok field is set to true for a given state's histogram,
-then whenever a padding packet is sent, the 

[tor-commits] [torspec/master] Add overhead accounting information.

[isis]

commit 8ee79e004dd83830446002a7fb0b1689c90130cb
Author: Mike Perry 
Date:   Sun Sep 13 19:32:39 2015 -0700

Add overhead accounting information.

Also fix a typo pointed out by Marc Juarez, and perform some other misc
cleanups.
---
 proposals/xxx-padding-negotiation.txt |   49 +
 1 file changed, 43 insertions(+), 6 deletions(-)

diff --git a/proposals/xxx-padding-negotiation.txt 
b/proposals/xxx-padding-negotiation.txt
index b7d4e75..a42bd6c 100644
--- a/proposals/xxx-padding-negotiation.txt
+++ b/proposals/xxx-padding-negotiation.txt
@@ -192,6 +192,8 @@ specified in Trunnel as follows:
 /* This payload encodes a histogram delay distribution representing
  * the probability of sending a single RELAY_DROP cell after a
  * given delay in response to a non-padding cell.
+ *
+ * Payload max size: 113 bytes
  */
 struct burst_state {
   u8 histogram_len IN [2..51];
@@ -224,6 +226,8 @@ specified in Trunnel as follows:
 /* This histogram encodes a delay distribution representing the
  * probability of sending a single additional padding packet after
  * sending a padding packet that originated at this hop.
+ *
+ * Payload max size: 113 bytes
  */
 struct gap_state {
   u8 histogram_len IN [2..51];
@@ -253,6 +257,7 @@ specified in Trunnel as follows:
   u8 remove_tokens IN [0..3];
 };
 
+/* Payload max size: 227 bytes */
 struct adaptive_padding_machine {
   /* This is a bitfield which specifies which direction and types
* of traffic should cause us to transition to the burst
@@ -264,7 +269,10 @@ specified in Trunnel as follows:
 };
 
 /* This is the full payload of a RELAY_COMMAND_PADDING_ADAPTIVE
- * cell. */
+ * cell.
+ *
+ * Payload max size: 455 bytes
+ */
 struct relay_command_padding_adaptive {
/* Technically, we could allow more than 2 state machines here,
   but only two are sure to fit. More than 2 seems excessive
@@ -346,7 +354,7 @@ histograms that the client uses locally will differ from 
the ones it
 sends to the upstream relay.
 
 On the client, the "SENT" direction means packets destined towards the
-upstream, where as "RECV" means packets destined towards the client.
+relay, where as "RECV" means packets destined towards the client.
 However, on the relay, the "SENT" direction means packets destined
 towards the client, where as "RECV" means packets destined towards the
 relay.
@@ -489,7 +497,7 @@ possible.
 The risks from this proposal are primarily DoS/resource exhaustion, and
 side channels.
 
-4.1. Rate limiting
+4.1. Rate limiting and accounting
 
 Fully client-requested padding introduces a vector for resource
 amplification attacks and general network overload due to
@@ -523,9 +531,38 @@ padding requests should be ignored:
 XXX: Should we cap padding at these rates, or fully disable it once
 they're crossed? Probably cap?
 
-Proposal 251 introduced extra-info accounting at relays to enable us to
-measure the total overhead of both link and circuit-level padding at
-various relays.
+In order to monitor the quantity of padding to decide if we should alter
+these limits in the consensus, every node will publish the following
+values in a padding-counts line in its extra-info descriptor:
+
+ * write-drop-multihop
+   - The number of RELAY_DROP cells sent by this relay to a next hop
+ that is listed in the consensus.
+ * write-drop-onehop
+   - The number of RELAY_DROP cells sent by this relay to a next hop
+ that is not listed in the consensus.
+ * write-pad
+   - The number of CELL_PADDING cells sent by this relay.
+ * write-total
+   - The total number of cells sent by this relay.
+ * read-drop-multihop
+   - The number of RELAY_DROP cells read by this relay from a hop
+ that is listed in the consensus.
+ * read-drop-onehop
+   - The number of RELAY_DROP cells read by this relay from a hop
+ that is not listed in the consensus.
+ * read-pad
+   - The number of CELL_PADDING cells read by this relay.
+ * read-total
+   - The total number of cells read by this relay.
+
+Each of these counters will be rounded to the nearest 10,000 cells. This
+rounding parameter will also be listed in the extra-info descriptor line, in
+case we change it in a later release.
+
+In the future, we may decide to introduce Laplace Noise in a similar
+manner to the hidden service statistics, to further obscure padding
+quantities.
 
 4.2. Malicious state machines
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [metrics-db/master] Fix broken link.

[karsten]

commit c40222ae5ca3a3ec04761f52e303fa18596183fa
Author: Karsten Loesing 
Date:   Fri Sep 25 21:19:11 2015 +0200

Fix broken link.
---
 web/formats.html |7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/web/formats.html b/web/formats.html
index 3d6c2ba..19ac177 100644
--- a/web/formats.html
+++ b/web/formats.html
@@ -567,11 +567,12 @@ measurement; optional.
 
 
 
-The files in recent
+The files in recent
 accumulate all new Torperf measurements of a given day, which means that
 they may change throughout the day.
-This is different from all other files in the recent
-directory which do not change once they are written.
+This is different from some of the other files in the
+recent directory which do not change once they are
+written.
 
 
  

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-ircproperties] Update translations for tor-messenger-ircproperties

[translation]

commit ba030347219d92da5782694889f7bf8ec29fef23
Author: Translation commit bot 
Date:   Fri Sep 25 06:46:38 2015 +

Update translations for tor-messenger-ircproperties
---
 id/irc.properties |   14 +++---
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/id/irc.properties b/id/irc.properties
index cfbd862..52eae2e 100644
--- a/id/irc.properties
+++ b/id/irc.properties
@@ -47,13 +47,13 @@ ctcp.time=Waktu untuk %1$S adalah %2$S.
 #   These are the help messages for each command, the %S is the command name
 #   Each command first gives the parameter it accepts and then a description of
 #   the command.
-command.action=%S action to perform: Perform an action.
-command.ctcp=%S nick msg: Sends a CTCP message to the nick.
-command.chanserv=%S command: Send a command to ChanServ.
-command.deop=%S nick1[,nick2]*: Remove channel operator status 
from someone. You must be a channel operator to do this.
-command.devoice=%S nick1[,nick2]*: Remove channel voice status 
from someone, preventing them from speaking if the channel is moderated (+m). 
You must be a channel operator to do this.
-command.invite2=%S nick[ nick]* [channel]: Invite one 
or more nicks to join you in the current channel, or to join the specified 
channel.
-command.join=%S room1[ key1][,room2[ key2]]*: 
Enter one or more channels, optionally providing a channel key for each if 
needed.
+command.action=%S action to perform: melakukan tindakan
+command.ctcp=%S nick msg: mengirim CTCP ke nama samaran.
+command.chanserv=%S command: mengirim perintah ke ChanSrv.
+command.deop=%S nick1[,nick2]*: Membuang status operator kanal 
seseorang. Anda harus menjadi operator kanal untuk melakukan hal ini.
+command.devoice=%S nick1[,nick2]*: Membuang status kanal suara 
seseorang, mencegahnya berbicara jika kanal dimoderasi (+m). Anda harus menjadi 
operator kanal untuk melakukan hal ini.
+command.invite2=%S nick[ nick]* [channel]: mengundang 
satu atau lebih nama samaran untuk bergabung denganmu di kanal ini, atau 
bergabung dengan kanal tertentu.
+command.join=%S room1[ key1][,room2[ key2]]*: 
Memasukan satu atau lebih kanal, optional menyediakan kunci kanal masing-masing 
jika dibutuhkan.
 command.kick=%S nick [message]: Remove someone from a channel. 
You must be a channel operator to do this.
 command.list=%S: Display a list of chat rooms on the network. Warning, some 
servers may disconnect you upon doing this.
 command.memoserv=%S command: Send a command to MemoServ.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-ircproperties] Update translations for tor-messenger-ircproperties

[translation]

commit d65e1d06eedb7132ad7795f541ab9780f4fe
Author: Translation commit bot 
Date:   Fri Sep 25 07:16:27 2015 +

Update translations for tor-messenger-ircproperties
---
 id/irc.properties |   42 +-
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/id/irc.properties b/id/irc.properties
index 52eae2e..4fc394a 100644
--- a/id/irc.properties
+++ b/id/irc.properties
@@ -54,27 +54,27 @@ command.deop=%S nick1[,nick2]*: Membuang 
status operator kanal s
 command.devoice=%S nick1[,nick2]*: Membuang status kanal suara 
seseorang, mencegahnya berbicara jika kanal dimoderasi (+m). Anda harus menjadi 
operator kanal untuk melakukan hal ini.
 command.invite2=%S nick[ nick]* [channel]: mengundang 
satu atau lebih nama samaran untuk bergabung denganmu di kanal ini, atau 
bergabung dengan kanal tertentu.
 command.join=%S room1[ key1][,room2[ key2]]*: 
Memasukan satu atau lebih kanal, optional menyediakan kunci kanal masing-masing 
jika dibutuhkan.
-command.kick=%S nick [message]: Remove someone from a channel. 
You must be a channel operator to do this.
-command.list=%S: Display a list of chat rooms on the network. Warning, some 
servers may disconnect you upon doing this.
-command.memoserv=%S command: Send a command to MemoServ.
-command.modeUser=%S (+|-)new mode [nick]: Set or unset a 
user's mode.
-command.modeChannel=%S channel[ (+|-)new mode 
[parameter][,parameter]*]: Get, set or unset a channel mode.
-command.msg=%S nick message: Send a private message to a user 
(as opposed to a channel).
-command.nick=%S new nickname: Change your nickname.
-command.nickserv=%S command: Send a command to NickServ.
-command.notice=%S target message: Send a notice to a user or 
channel.
-command.op=%S nick1[,nick2]*: Grant channel operator status to 
someone. You must be a channel operator to do this.
-command.operserv=%S command: Send a command to OperServ.
-command.part=%S [message]: Leave the current channel with an optional message.
-command.ping=%S [nick]: Asks how much lag a user (or the server if no 
user specified) has.
-command.quit=%S message: Disconnect from the server, with an optional 
message.
-command.quote=%S command: Send a raw command to the server.
-command.time=%S: Displays the current local time at the IRC server.
-command.topic=%S [new topic]: Set this channel's topic.
-command.umode=%S (+|-)new mode: Set or unset a user mode.
-command.version=%S nick: Request the version of a user's client.
-command.voice=%S nick1[,nick2]*: Grant channel voice status to 
someone. You must be a channel operator to do this.
-command.whois2=%S [nick]: Mendapat informasi ke seorang pengguna.
+command.kick=%S nick [message]: Menghapus seseorang dari 
kanal. Anda harus menjadi operator kanal untuk melakukan hal ini.
+command.list=%S: Menampilkan daftar ruang ngobrol di jaringan. Awas, beberapa 
server mungkin memutus koneksimu jika melakukan hal ini.
+command.memoserv=%S command: mengirim perintah ke MemoServ.
+command.modeUser=%S (+|-)new mode [nick]: membuat atau merubah 
moda pemakai.
+command.modeChannel=%S channel[ (+|-)new mode 
[parameter][,parameter]*]: Mengambil, menyusun atau merombak 
moda kanal.
+command.msg=%S nick message: Mengirim pesan pribadi kepada 
pengguna (sebagai kebalikan dari pesan ke kanal)
+command.nick=%S new nickname: Merubah nama samaran.
+command.nickserv=%S command: Mengirim perintah ke NickServ.
+command.notice=%S target message: Mengirim pemberitahuan ke 
pengguna atau kanal.
+command.op=%S nick1[,nick2]*: Memberi status operator kanal 
pada seseorang. Anda harus menjadi operator kanal agar bisa melakukan hal ini.
+command.operserv=%S command: mengirim satu perintah ke OperServ.
+command.part=%S [message]: Meninggalkan kanal ini dengan pesan pilihan.
+command.ping=%S [nick]: Menanyakan berapa banyak pengguna (atau server 
jika tidak ada pengguna) yang tertinggal,
+command.quit=%S message: Memutus koneksi server, dengan pilihan pesan.
+command.quote=%S command: Mengirim pesan belum terolah ke server.
+command.time=%S: Menampilkan waktu setempat saat ini di server IRC.
+command.topic=%S [new topic]: Membuat judul kanal.
+command.umode=%S (+|-)new mode: membuat atau merubah moda pengguna.
+command.version=%S nick: Meminta versi klien pengguna.
+command.voice=%S nick1[,nick2]*: Memberi status kanal suara 
pada seseorang. Anda harus menjadi operator kanal untuk dapat melakukan hal ini.
+command.whois2=%S [nick]: Meminta informasi pengguna.
 
 # LOCALIZATION NOTE (message.*):
 #These are shown as system messages in the conversation.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-ircproperties_completed] Update translations for tor-messenger-ircproperties_completed

[translation]

commit 5f8a59696807c1cb76547374f491d938c443cc61
Author: Translation commit bot 
Date:   Fri Sep 25 07:16:31 2015 +

Update translations for tor-messenger-ircproperties_completed
---
 id/irc.properties |  205 +
 1 file changed, 205 insertions(+)

diff --git a/id/irc.properties b/id/irc.properties
new file mode 100644
index 000..4fc394a
--- /dev/null
+++ b/id/irc.properties
@@ -0,0 +1,205 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# LOCALIZATION NOTE (irc.usernameHint):
+#  This is displayed inside the accountUsernameInfoWithDescription
+#  string defined in imAccounts.properties when the user is
+#  configuring an IRC account.
+irc.usernameHint=nick
+
+# LOCALIZATION NOTE (connection.error.*):
+#   These will show in the account manager if the account is
+#   disconnected because of an error.
+connection.error.lost=Sambungan dengan server terputus
+connection.error.timeOut=Sambungan melewati batas waktu
+connection.error.invalidUsername=%S bukan nama pengguna yang diizinkan
+connection.error.invalidPassword=Sandi server tidak valid
+connection.error.passwordRequired=Membutuhkan sandi
+
+# LOCALIZATION NOTE (joinChat.*):
+#   These show up on the join chat menu. An underscore is for the access key.
+joinChat.channel=Sa_luran
+joinChat.password=_Sandi
+
+# LOCALIZATION NOTE (options.*):
+#   These are the protocol specific options shown in the account manager and
+#   account wizard windows.
+options.server=Server
+options.port=Port
+options.ssl=Gunakan SSL
+options.encoding=Set Karakter
+options.quitMessage=Pesan keluar
+options.partMessage=Bagian pesan
+options.showServerTab=Tampilkan pesan dari server
+options.alternateNicks=Nick alternatif
+
+# LOCALIZATION NOTE (ctcp.version):
+#   %1$S is the nickname of the user whose version was requested.
+#   %2$S is the version response from the client.
+ctcp.version=%1$S menggunakan "%2$S".
+# LOCALIZATION NOTE (ctcp.time):
+#   %1$S is the nickname of the user whose time was requested.
+#   %2$S is the time response.
+ctcp.time=Waktu untuk %1$S adalah %2$S.
+
+# LOCALZIATION NOTE (command.*):
+#   These are the help messages for each command, the %S is the command name
+#   Each command first gives the parameter it accepts and then a description of
+#   the command.
+command.action=%S action to perform: melakukan tindakan
+command.ctcp=%S nick msg: mengirim CTCP ke nama samaran.
+command.chanserv=%S command: mengirim perintah ke ChanSrv.
+command.deop=%S nick1[,nick2]*: Membuang status operator kanal 
seseorang. Anda harus menjadi operator kanal untuk melakukan hal ini.
+command.devoice=%S nick1[,nick2]*: Membuang status kanal suara 
seseorang, mencegahnya berbicara jika kanal dimoderasi (+m). Anda harus menjadi 
operator kanal untuk melakukan hal ini.
+command.invite2=%S nick[ nick]* [channel]: mengundang 
satu atau lebih nama samaran untuk bergabung denganmu di kanal ini, atau 
bergabung dengan kanal tertentu.
+command.join=%S room1[ key1][,room2[ key2]]*: 
Memasukan satu atau lebih kanal, optional menyediakan kunci kanal masing-masing 
jika dibutuhkan.
+command.kick=%S nick [message]: Menghapus seseorang dari 
kanal. Anda harus menjadi operator kanal untuk melakukan hal ini.
+command.list=%S: Menampilkan daftar ruang ngobrol di jaringan. Awas, beberapa 
server mungkin memutus koneksimu jika melakukan hal ini.
+command.memoserv=%S command: mengirim perintah ke MemoServ.
+command.modeUser=%S (+|-)new mode [nick]: membuat atau merubah 
moda pemakai.
+command.modeChannel=%S channel[ (+|-)new mode 
[parameter][,parameter]*]: Mengambil, menyusun atau merombak 
moda kanal.
+command.msg=%S nick message: Mengirim pesan pribadi kepada 
pengguna (sebagai kebalikan dari pesan ke kanal)
+command.nick=%S new nickname: Merubah nama samaran.
+command.nickserv=%S command: Mengirim perintah ke NickServ.
+command.notice=%S target message: Mengirim pemberitahuan ke 
pengguna atau kanal.
+command.op=%S nick1[,nick2]*: Memberi status operator kanal 
pada seseorang. Anda harus menjadi operator kanal agar bisa melakukan hal ini.
+command.operserv=%S command: mengirim satu perintah ke OperServ.
+command.part=%S [message]: Meninggalkan kanal ini dengan pesan pilihan.
+command.ping=%S [nick]: Menanyakan berapa banyak pengguna (atau server 
jika tidak ada pengguna) yang tertinggal,
+command.quit=%S message: Memutus koneksi server, dengan pilihan pesan.
+command.quote=%S command: Mengirim pesan belum terolah ke server.
+command.time=%S: Menampilkan waktu setempat saat ini di server IRC.
+command.topic=%S [new topic]: Membuat judul kanal.
+command.umode=%S (+|-)new mode: membuat atau merubah moda pengguna.
+command.version=%S nick: Meminta versi klien pengguna.
+command.voice=%S nick1[,nick2]*: Memberi status kanal suara 
pada 

[tor-commits] [torspec/master] Add mikeperry's padding negotiation proposal and give it a number.

[isis]

commit 91e207e91d0375273004ecf16364c073e3e82043
Author: Isis Lovecruft 
Date:   Fri Sep 25 11:40:28 2015 +

Add mikeperry's padding negotiation proposal and give it a number.
---
 proposals/000-index.txt   |2 +
 proposals/254-padding-negotiation.txt |  628 +
 proposals/proposal-status.txt |6 +
 proposals/xxx-padding-negotiation.txt |  628 -
 4 files changed, 636 insertions(+), 628 deletions(-)

diff --git a/proposals/000-index.txt b/proposals/000-index.txt
index 0460e87..c1f42e2 100644
--- a/proposals/000-index.txt
+++ b/proposals/000-index.txt
@@ -174,6 +174,7 @@ Proposals by number:
 251  Padding for netflow record resolution reduction [DRAFT]
 252  Single Onion Services [DRAFT]
 253  Out of Band Circuit HMACs [DRAFT]
+254  Padding Negotiation [DRAFT]
 
 
 Proposals by status:
@@ -195,6 +196,7 @@ Proposals by status:
251  Padding for netflow record resolution reduction
252  Single Onion Services
253  Out of Band Circuit HMACs
+   254  Padding Negotiation
  NEEDS-REVISION:
190  Bridge Client Authorization Based on a Shared Secret
  OPEN:
diff --git a/proposals/254-padding-negotiation.txt 
b/proposals/254-padding-negotiation.txt
new file mode 100644
index 000..e4da004
--- /dev/null
+++ b/proposals/254-padding-negotiation.txt
@@ -0,0 +1,628 @@
+Filename: 254-padding-negotiation.txt
+Title: Padding Negotiation
+Authors: Mike Perry
+Created: 01 September 2015
+Status: Draft
+
+
+0. Overview
+
+This proposal aims to describe mechanisms for requesting various types
+of padding from relays.
+
+These padding primitives are general enough to use to defend against
+both website traffic fingerprinting as well as hidden service circuit
+setup fingerprinting.
+
+
+1. Motivation
+
+Tor already supports both link-level padding via (CELL_PADDING cell
+types), as well as circuit-level padding (via RELAY_COMMAND_DROP relay
+cells).
+
+Unfortunately, there is no way for clients to request padding from
+relays, or request that relays not send them padding to conserve
+bandwidth. This proposal aims to create a mechanism for clients to do
+both of these.
+
+It also establishes consensus parameters to limit the amount of padding
+that relays will send, to prevent custom wingnut clients from requesting
+too much.
+
+
+2. Link-level padding
+
+Padding is most useful if it can defend against a malicious or
+compromised guard node. However, link-level padding is still useful to
+defend against an adversary that can merely observe a Guard node
+externally, such as for low-resolution netflow-based attacks (see
+Proposal 251[1]).
+
+In that scenario, the primary negotiation mechanism we need is a way for
+mobile clients to tell their Guards to stop padding, or to pad less
+often. The following Trunnel payloads should cover the needed
+parameters:
+
+const CELL_PADDING_COMMAND_STOP = 1;
+const CELL_PADDING_COMMAND_START = 2;
+
+/* This command tells the relay to stop sending any periodic
+   CELL_PADDING cells. */
+struct cell_padding_stop {
+  u8 command IN [CELL_PADDING_COMMAND_STOP];
+};
+
+/* This command tells the relay to alter its min and max netflow
+   timeout range values, and send padding at that rate (resuming
+   if stopped). */
+struct cell_padding_start {
+  u8 command IN [CELL_PADDING_COMMAND_START];
+
+  /* Min must not be lower than the current consensus parameter
+ nf_ito_low. */
+  u16 ito_low_ms;
+
+  /* Max must not be lower than ito_low_ms */
+  u16 ito_high_ms;
+};
+
+More complicated forms of link-level padding can still be specified
+using the primitives in Section 3, by using "leaky pipe" topology to
+send the RELAY commands to the Guard node instead of to later nodes in
+the circuit.
+
+
+3. End-to-end circuit padding
+
+For circuit-level padding, we need two types of additional features: the
+ability to schedule additional incoming cells at one or more fixed
+points in the future, and the ability to schedule a statistical
+distribution of arbitrary padding to overlay on top of non-padding
+traffic (aka "Adaptive Padding").
+
+In both cases, these messages will be sent from clients to middle nodes
+using the "leaky pipe" property of the 'recognized' field of RELAY
+cells, allowing padding to originate from middle nodes on a circuit in a
+way that is not detectable from the Guard node.
+
+This same mechanism can also be used to request padding from the Guard
+node itself, to achieve link-level padding without the additional
+overhead requirements on middle nodes.
+
+3.1. Fixed-schedule padding message (RELAY_COMMAND_PADDING_SCHEDULE)
+
+The fixed schedule padding will be encoded in a
+RELAY_COMMAND_PADDING_SCHEDULE cell. It specifies a set of up to 80
+fixed time points in the future to send cells.
+
+XXX: 80 timers is a lot to allow every client to create. We may want to
+have something that 

[tor-commits] [translation/tor-messenger-authproperties] Update translations for tor-messenger-authproperties

[translation]

commit 025af4d70b8793c78c2a8bb4098f51e0d9097107
Author: Translation commit bot 
Date:   Fri Sep 25 12:16:17 2015 +

Update translations for tor-messenger-authproperties
---
 sq/auth.properties |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sq/auth.properties b/sq/auth.properties
index bab9878..1d65fcb 100644
--- a/sq/auth.properties
+++ b/sq/auth.properties
@@ -1,4 +1,4 @@
-auth.title=Verifikoni identitetin e %S's
+auth.title=Verifikoni identitetin e %S.
 auth.yourFingerprint=Gjurmë gishti për ju, %S:\n%S
 auth.theirFingerprint=Gjurma e gishtit e pandehur për %S:\n%S
 auth.help=Verifikimi i identitetit të një kontakti ndihmon për t'u siguruar 
se personi me të cilin po flisni është ai që pretendon se është.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-misc_completed] Update translations for tails-misc_completed

[translation]

commit 8893819428edb8035541f5d1bfec9544db4d5dfc
Author: Translation commit bot 
Date:   Fri Sep 25 12:15:45 2015 +

Update translations for tails-misc_completed
---
 sq.po |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sq.po b/sq.po
index f53c300..7b67a26 100644
--- a/sq.po
+++ b/sq.po
@@ -9,7 +9,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-09-20 19:32+0200\n"
-"PO-Revision-Date: 2015-09-24 19:36+\n"
+"PO-Revision-Date: 2015-09-25 11:52+\n"
 "Last-Translator: Bujar Tafili\n"
 "Language-Team: Albanian 
(http://www.transifex.com/otf/torproject/language/sq/)\n"
 "MIME-Version: 1.0\n"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tails-misc] Update translations for tails-misc

[translation]

commit 7361e36775c7c07981d207ea682ace6f9e7b888d
Author: Translation commit bot 
Date:   Fri Sep 25 12:15:41 2015 +

Update translations for tails-misc
---
 sq.po |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sq.po b/sq.po
index f53c300..7b67a26 100644
--- a/sq.po
+++ b/sq.po
@@ -9,7 +9,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2015-09-20 19:32+0200\n"
-"PO-Revision-Date: 2015-09-24 19:36+\n"
+"PO-Revision-Date: 2015-09-25 11:52+\n"
 "Last-Translator: Bujar Tafili\n"
 "Language-Team: Albanian 
(http://www.transifex.com/otf/torproject/language/sq/)\n"
 "MIME-Version: 1.0\n"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] A day has passed.

[nickm]

commit 9a4cac74fd2f4bb300830e06ff56f74ccf91e373
Author: Nick Mathewson 
Date:   Fri Sep 25 09:06:41 2015 -0400

A day has passed.
---
 ChangeLog |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 67de1b8..25c7442 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,4 @@
-Changes in version 0.2.7.3-rc - 2015-09-24
+Changes in version 0.2.7.3-rc - 2015-09-25
   Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
   contains numerous usability fixes for Ed25519 keys, safeguards against
   several misconfiguration problems, significant simplifications to

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-prefsdtd_completed] Update translations for tor-messenger-prefsdtd_completed

[translation]

commit 56efc45954c38297a42da7ba93d59f644f0532dc
Author: Translation commit bot 
Date:   Fri Sep 25 12:16:58 2015 +

Update translations for tor-messenger-prefsdtd_completed
---
 sq/prefs.dtd |   13 +
 1 file changed, 13 insertions(+)

diff --git a/sq/prefs.dtd b/sq/prefs.dtd
new file mode 100644
index 000..bf578f0
--- /dev/null
+++ b/sq/prefs.dtd
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-prefsdtd] Update translations for tor-messenger-prefsdtd

[translation]

commit c384c2ebd4593eff807750de905a31ee21b83c08
Author: Translation commit bot 
Date:   Fri Sep 25 12:16:50 2015 +

Update translations for tor-messenger-prefsdtd
---
 sq/prefs.dtd |   20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/sq/prefs.dtd b/sq/prefs.dtd
index a645600..bf578f0 100644
--- a/sq/prefs.dtd
+++ b/sq/prefs.dtd
@@ -1,13 +1,13 @@
-
-
+
+
 
-
-
-
+
+
+
 
 
-
-
-
-
-
\ No newline at end of file
+
+
+
+
+
\ No newline at end of file

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-authproperties_completed] Update translations for tor-messenger-authproperties_completed

[translation]

commit 6dd0818bf2fe4fc01a8bc9d878c55c349969b87d
Author: Translation commit bot 
Date:   Fri Sep 25 12:16:22 2015 +

Update translations for tor-messenger-authproperties_completed
---
 sq/auth.properties |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sq/auth.properties b/sq/auth.properties
index bab9878..1d65fcb 100644
--- a/sq/auth.properties
+++ b/sq/auth.properties
@@ -1,4 +1,4 @@
-auth.title=Verifikoni identitetin e %S's
+auth.title=Verifikoni identitetin e %S.
 auth.yourFingerprint=Gjurmë gishti për ju, %S:\n%S
 auth.theirFingerprint=Gjurma e gishtit e pandehur për %S:\n%S
 auth.help=Verifikimi i identitetit të një kontakti ndihmon për t'u siguruar 
se personi me të cilin po flisni është ai që pretendon se është.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-otrproperties_completed] Update translations for tor-messenger-otrproperties_completed

[translation]

commit aa5dcb6e568b61ac0f71615dbb88da1ffe204536
Author: Translation commit bot 
Date:   Fri Sep 25 12:16:44 2015 +

Update translations for tor-messenger-otrproperties_completed
---
 sq/otr.properties |   31 +++
 1 file changed, 31 insertions(+)

diff --git a/sq/otr.properties b/sq/otr.properties
new file mode 100644
index 000..ada3ed7
--- /dev/null
+++ b/sq/otr.properties
@@ -0,0 +1,31 @@
+msgevent.encryption_required_part1=Ju u orvatët të dërgoni një mesazh të 
pashifruar tek %S. Politika është që mesazhet e pashifruara të mos lejohen.
+msgevent.encryption_required_part2=Duke u përpjekur që të nisim një 
bisedë private. Mesazhi juaj do të transmetohet kur të nisi biseda private.
+msgevent.encryption_error=U has një gabim gjatë shifrimit të mesazhit tuaj. 
Mesazhi nuk u dërgua.
+msgevent.connection_ended=%S tashmë e ka mbyllur lidhjen e vet private për 
ju. Mesazhi juaj nuk u dërgua. Përkundër, jepini fund bisedës tuaj private 
ose riniseni atë.
+msgevent.setup_error=U has një gabim gjatë vendosjes së një bisede private 
me %S.
+msgevent.msg_reflected=Ju po merrni mesazhi tuaj OTR. Ose po mundoheni të 
flisni me vetveten, ose dikush po i kthen mbrapsht mesazhet tuaja tek ju.
+msgevent.msg_resent=Mesazhi i fundit tek %S është dërguar.
+msgevent.rcvdmsg_not_private=Mesazhi i shifruar i marrë nga %S është i 
palexueshëm, përderisa nuk po komunikoni privatisht.
+msgevent.rcvdmsg_unreadable=Morëm një mesazh të shifruar të palexueshëm 
nga %S.
+msgevent.rcvdmsg_malformed=Morëm një mesazh të dhënash të keqformuar %S.
+msgevent.log_heartbeat_rcvd=Pulsim i marrë nga %S.
+msgevent.log_heartbeat_sent=Pulsim i dërguar tek %S.
+msgevent.rcvdmsg_general_err=U has një gabim OTR.
+msgevent.rcvdmsg_unecrypted=Morëm një mesazh të pashifruar nga %S.
+msgevent.rcvdmsg_unrecognized=Morëm një mesazh OTR të paidentifikueshëm 
nga %S.
+msgevent.rcvdmsg_for_other_instance=%S ka dërguar një mesazh të menduar 
për një sesion të ndryshëm. nëse keni hyrë disa herë, mesazhin mund ta 
ketë marrë një sesion tjetër.
+context.gone_secure_private=Biseda private me %S ka nisur.
+context.gone_secure_unverified=Biseda private me %S ka nisur. Megjithatë, 
identiteti i tij nuk është verifikuar.
+context.still_secure=Biseda private me %S u rifreskua me sukses.
+error.enc=U has një gabim me shifrimin e mesazhit.
+error.not_priv=Ju dërguat të dhëna të shifruara tek %S, që nuk i priste 
ato.
+error.unreadable=Ju transmetuat një mesazh të shifruar të palexueshëm.
+error.malformed=Ju transmetuat një mesazh të dhënash të keqformuar.
+resent=[i ridërguar]
+tlv.disconnected=%S e ka përfunduar bisedën e vet private me ju; duhet të 
bëni të njëjtën gjë.
+query.msg=%S ka kërkuar një bisedë private Jashtë Regjistrimit. 
Sidoqoftë, ju nuk dispononi një plugin që ta bëni këtë. Shihni 
http://otr.cypherpunks.ca/ për më shumë informacion.
+trust.unused=E papërdorur
+trust.not_private=Joprivate
+trust.unverified=E paverifikuar
+trust.private=Private
+trust.finished=E përfunduar

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-otrproperties] Update translations for tor-messenger-otrproperties

[translation]

commit 1e0d05e4d9393cabf825011b3307890c6d5155c9
Author: Translation commit bot 
Date:   Fri Sep 25 12:16:40 2015 +

Update translations for tor-messenger-otrproperties
---
 sq/otr.properties |   12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/sq/otr.properties b/sq/otr.properties
index 8216e88..ada3ed7 100644
--- a/sq/otr.properties
+++ b/sq/otr.properties
@@ -22,10 +22,10 @@ error.not_priv=Ju dërguat të dhëna të shifruara tek %S, 
që nuk i priste ato
 error.unreadable=Ju transmetuat një mesazh të shifruar të palexueshëm.
 error.malformed=Ju transmetuat një mesazh të dhënash të keqformuar.
 resent=[i ridërguar]
-tlv.disconnected=%S has ended their private conversation with you; you should 
do the same.
-query.msg=%S has requested an Off-the Record private conversation. However, 
you do not have a plugin to support that. See http://otr.cypherpunks.ca/ for 
more information.
-trust.unused=Unused
-trust.not_private=Not Private
-trust.unverified=Unverified
+tlv.disconnected=%S e ka përfunduar bisedën e vet private me ju; duhet të 
bëni të njëjtën gjë.
+query.msg=%S ka kërkuar një bisedë private Jashtë Regjistrimit. 
Sidoqoftë, ju nuk dispononi një plugin që ta bëni këtë. Shihni 
http://otr.cypherpunks.ca/ për më shumë informacion.
+trust.unused=E papërdorur
+trust.not_private=Joprivate
+trust.unverified=E paverifikuar
 trust.private=Private
-trust.finished=Finished
+trust.finished=E përfunduar

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Bump to 0.2.7.3-rc-dev

[nickm]

commit 4ce9b8f1ec352f1167ac23d2750795986fb2ba11
Author: Nick Mathewson 
Date:   Fri Sep 25 09:26:35 2015 -0400

Bump to 0.2.7.3-rc-dev
---
 configure.ac|2 +-
 contrib/win32build/tor-mingw.nsi.in |2 +-
 src/win32/orconfig.h|2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 798de27..b190522 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
 dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
-AC_INIT([tor],[0.2.7.3-rc])
+AC_INIT([tor],[0.2.7.3-rc-dev])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 AM_INIT_AUTOMAKE
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 314522f..5c5b35b 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.7.3-rc"
+!define VERSION "0.2.7.3-rc-dev"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index e69ebeb..61677fe 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -232,7 +232,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.7.3-rc"
+#define VERSION "0.2.7.3-rc-dev"
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Bump master to 0.2.8.0-alpha-dev

[nickm]

commit 551dba3290cc77b512dc339bab4a7a81d1892c7c
Author: Nick Mathewson 
Date:   Fri Sep 25 09:27:39 2015 -0400

Bump master  to 0.2.8.0-alpha-dev
---
 configure.ac|2 +-
 contrib/win32build/tor-mingw.nsi.in |2 +-
 src/win32/orconfig.h|2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index b190522..a6fa1cb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
 dnl Copyright (c) 2007-2015, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
-AC_INIT([tor],[0.2.7.3-rc-dev])
+AC_INIT([tor],[0.2.8.0-alpha-dev])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 AM_INIT_AUTOMAKE
diff --git a/contrib/win32build/tor-mingw.nsi.in 
b/contrib/win32build/tor-mingw.nsi.in
index 5c5b35b..2da4210 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.7.3-rc-dev"
+!define VERSION "0.2.8.0-alpha-dev"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/;
 !define LICENSE "LICENSE"
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 61677fe..c0b14e5 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -232,7 +232,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.7.3-rc-dev"
+#define VERSION "0.2.8.0-alpha-dev"
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits