? (this needs to be part of the filter or
prioritisation or both)
Some suggestions about how to fix some complex issues.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
OTR 8F39BCAC 9C9DDF9A DF5FAE48 1D7D99D4 3B406880
r
? (this needs to be part of the filter or
prioritisation or both)
Some suggestions about how to fix some complex issues.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
OTR 8F39BCAC 9C9DDF9A DF5FAE48 1D7D99D4 3B406880
r
ciated.
Perhaps HSFETCH only looks in the HS cache, but hidden services don't cache
their own descriptors?
Perhaps HSFETCH doesn't look at HidServAuth?
Perhaps HSFETCH shouldn't try to decrypt the descriptor before delivering it?
Perhaps it should?
I encourage you to log an issue for each of these
for small changes before merging.
>
> Thanks,
> Iain.
>
> [1]: https://trac.torproject.org/projects/tor/ticket/5430
> [2]: https://trac.torproject.org/projects/tor/ticket/6787
> _______________
> tor-dev mailing list
>
you need to specify
it all in one place, and then convince a cryptographer to review it. (I am not
a cryptographer.) And then have your implementation reviewed against the spec.
How is the card you're using for side-channels?
Keys have beed extracted using power usage information, or electromagnetic
nistic,
even thought CoSi signing is not, due to network effects - a CoSi signer may
sign one request, but go down before signing them all.)
A third is for CoSi signatures to be appended to the consensus, just like
authority signatures are appended. Then authorities, mirrors, and clients only
se
ld drop in the common case, if we really
needed to.
But do we really need to?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor
, but in
the interim, it means an increase in memory usage.
Please feel free to let us know if this is a pressing issue for you, and we'll
see what we can do.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Descriptio
so people know what you're replying to.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-dev mailing list
tor-dev
> On 11 May 2016, at 12:49, Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>
>>
>> On 11 May 2016, at 12:38, Nicholas R. Parker (RIT Student) <nrp7...@rit.edu>
>> wrote:
>>
>> Hey again all, got another one for you.
>> When we've star
the bridge.
UseBridges 0|1
When set, Tor will fetch descriptors for each bridge listed in the
"Bridge" config lines, and use these relays as both entry guards
and directory guards. (Default: 0)
If you need more detail, I'd encourage you to read the other tor manual enti
t relay is fine, but it's also worth testing with multiple exit relays to
ensure your code doesn't depend on their only being 1 exit.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message sig
> On 8 May 2016, at 02:46, Roger Dingledine <a...@mit.edu> wrote:
>
> On Sun, May 08, 2016 at 02:04:23AM -0400, Tim Wilson-Brown - teor wrote:
>>> ??? Each client will have a cache-microdesc-consensus file with 4
>>> relays in it. relay 0, 1 and 2 will
,k+2*v3)
>
> In this description, round() returns the closest integer and abs() returns the
> absolute value.
> Note that all computations involved in helprec operate on secret data and must
> be protected against timing attacks.
round() is underspecified here: does 0.5 round to 0 or
likely a configuration issue with your network.
> I'll try rebase back to an official release today.
That might help, we are still fixing bugs in 0.2.8.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Descriptio
counted for.
If a descriptor is 1.5KB, and you need to download 100 of them, that's an extra
1.5MB at bootstrap time.
Microdescriptor consensuses are 1.3MB.
So that would mean increasing the additional bandwidth requirements for
fallback directory mirrors from 20KB/s to 50KB/s.
This excludes the
and hidden services can have before TLS or Tor-specific
crypto fails?
Does anyone want to spin up a VM and work this out?
In the interim, let's assume the crypto will work, and modify the proposal with
a larger clock skew.
Tim
[0]: https://en.wikipedia.org/wiki/List_of_UTC_time_offsets
> On 20 Apr 2016, at 07:22, David Goulet <dgou...@ev0ke.net> wrote:
>
> On 18 Apr (13:18:25), George Kadianakis wrote:
>> Tim Wilson-Brown - teor <teor2...@gmail.com> writes:
>>
>>> [ text/plain ]
>>>
>>>> On 16 Apr 2016,
I also wonder about the impact on path selection and client security - even an
honest operator can have their relays compromised or be compelled to provide
information.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Descrip
long as K is small.
This carries a slight risk of over-deallocating cache entries. Which is OK at
OOM time.
I like this one, because it's simple, performant, and doesn't need any extra
memory allocations.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzg
> On 12 Apr 2016, at 04:22, David Goulet <dgou...@ev0ke.net> wrote:
>
> On 08 Apr (10:15:19), Tim Wilson-Brown - teor wrote:
>> Hi All,
>>
>> I'm working on proposal 260's Rendezvous Single Onion Services in #17178.
>>
>> They are faster,
has more specific requirements for security reasons, this protects the
keys from other users on the system.
It's hard to give more advice without more specific details.
If this advice doesn't help, please copy and paste the configuration options
you used, and the errors you got, and then tell us
by running the test binary with the test name.
chutney is slow, but it's used for whole-program and whole-network integration
tests.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet:ekmygaiu4rzgsk6n
signature.asc
Description: Message signed with OpenPGP using GPGMail
a guide to when we should warn the user.
But we never considered failing closed in these circumstances: what if the user
just wants circumvention, and not anonymity?
https://trac.torproject.org/projects/tor/ticket/17849
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
ricochet
hard to discover during modelling.
Using a malicious guard has similar consequences to Tor failing closed, and
users switching to a non-tor browser.
I'm not sure which is worse. It probably depends on the user. But we should try
to avoid both scenarios.
Tim
Tim Wilson-Brown (teor)
teo
> On 27 Mar 2016, at 05:42, s7r <s...@sky-ip.org> wrote:
>
> Hello,
>
> teor, asn, see comments inline.
>
> On 3/24/2016 5:00 PM, Tim Wilson-Brown - teor wrote:
> [snip]
>>>> The number of directory guards will increase when 0.2.8-stable is
&g
na-ipv4-special-registry.xhtml
[3]:
https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed wi
That's a fair point. The big question here is, is this worth the
>>> complexity
>>> that MAINT_INTRO and UPDATE-KEYS-SUBCMD add to the protocol logic?
I'm not convinced that this feature is necessary.
I think we should remove it, and if it looks like it's needed later,
> On 26 Mar 2016, at 21:36, intrigeri <intrig...@boum.org> wrote:
>
> Hi,
>
> Tim Wilson-Brown - teor wrote (21 Mar 2016 18:16:46 GMT) :
>> If this feature does cause problems, or if your app needs to bootstrap only
>> from the
>> authorities (Tails tim
> On 25 Mar 2016, at 00:31, George Kadianakis <desnac...@riseup.net> wrote:
>
> Tim Wilson-Brown - teor <teor2...@gmail.com <mailto:teor2...@gmail.com>>
> writes:
>
>> [ text/plain ]
>>
>>> On 24 Mar 2016, at 22:55, George Kadianakis &
take
> up to 6 minutes to get a working connection.
This seems far too long for most users. Usability studies have demonstrated
that users give up after approximately 30 seconds.
Can we design an algorithm that will automatically choose a dystopic guard and
bootstrap within 30 seconds?
What
directory
mirrors (0.2.8.1-alpha / 0.2.4.7-alpha)
The release in brackets is when each issue was introduced.
I don't know of any other patches (assigned to me) that are urgent enough to
hold up the next alpha.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
> On 22 Mar 2016, at 23:30, Nathan Freitas <nat...@freitas.net> wrote:
>
> On Mon, Mar 21, 2016, at 02:16 PM, Tim Wilson-Brown - teor wrote:
>> Just a heads' up that tor 0.2.8 includes a fallback directory mirrors
>> feature, where tor clients bootstrap from a s
the past six months.
I'm not sure 3 or more pairwise meeting times is a good idea, it seems very
complex.
But I'm concerned about the extra load on Nick and Isabela.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B
ority addresses are kept up to date in both the tor source code and the
network consensus.
If you're using an old version of tor, some of the addresses may be outdated.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A
r, and there is no majority consensus about
certain information, or the entire network state.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMai
How do Tor engineers test new stuff?
I typically use chutney for smoke tests. Others use shadow for simulations:
https://gitweb.torproject.org/chutney.git/
<https://gitweb.torproject.org/chutney.git/>https://shadow.github.io/
<https://shadow.github.io/>
Tim
Tim Wilson-Brown (teor
r a Tor
> connection you're observing is being used for an onion service or a
> normal (exit) connection -- for example, to stymie attacks like the
> "Circuit Fingerprinting Attacks" from the Usenix Security '15 paper. I
> think that is a totally different topic than RSOS.
Yes, I think i
gorithm.
So it's really up to debian-legal, who I assume we've asked or will be asking.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using
in the pad (which is a "Can Comment" link).
I can't seem to edit the pad.
Does the link just allow annotation, or full-blown editing?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signatur
-08-22.00.log.html>
[2]: https://trac.torproject.org/projects/tor/ticket/17178
<https://trac.torproject.org/projects/tor/ticket/17178>
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
De
> On 15 Jan 2016, at 03:07, Mike Perry <mikepe...@torproject.org> wrote:
>
> Tim Wilson-Brown - teor:
>>> On 13 Jan 2016, at 00:53, Mike Perry <mikepe...@torproject.org
>>> <mailto:mikepe...@torproject.org>> wrote:
>>> 1. Overview
>
v and
tor-talk so people know the question has been answered.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
_
> On 28 Jan 2016, at 01:05, Nick Mathewson <ni...@torproject.org> wrote:
>
> On Tue, Jan 26, 2016 at 9:01 PM, Tim Wilson-Brown - teor
> <teor2...@gmail.com <mailto:teor2...@gmail.com>> wrote:
>>
>> On 26 Jan 2016, at 23:19, David Goulet <dgou...
> On 26 Jan 2016, at 23:19, David Goulet <dgou...@ev0ke.net> wrote:
>
> On 26 Jan (07:00:31), Nick Mathewson wrote:
>> On Mon, Jan 25, 2016 at 5:14 AM, David Goulet <dgou...@ev0ke.net> wrote:
>>> On 18 Jan (07:13:36), Tim Wilson-Brown - teor wrote:
>>
Pv6 file
/opt/local/share/tor/geoip6.
Jan 26 12:25:50.000 [notice] Bootstrapped 0%: Starting
Jan 26 12:25:50.000 [notice] Delaying directory fetches: No running bridges
Jan 26 12:25:52.000 [notice] Bootstrapped 5%: Connecting to directory server
Jan 26 12:25:52.000 [notice] Bootstrapped 10%: Finishing ha
99 1 udp 2122260223 192.168…. 48952 typ host generation 0
a=candidate:3800267063 1 tcp 1518280447 192.168…. 0 typ host tcptype active
generation 0
a=candidate:759726963 1 udp 1686052607 199... 48952 typ srflx raddr 192.168….
rport 48952 generation 0
a=ice-ufrag:gW3Squmad22xQeoQ
a=ice-pwd:OAGHWixl0ZICWg2JYTXOr
> On 25 Jan 2016, at 03:10, s7r <s...@sky-ip.org> wrote:
>
> Signed PGP part
> Hi teor,
>
> On 1/24/2016 6:33 AM, Tim Wilson-Brown - teor wrote:
> > Please read the tor man page documentation for the option
> > Tor2webRendezvousPoin
into buckets, like we do for other
statistics, but I'm not sure there's much point, as they are never seen
outside the hidden service.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
is a client which is configured
to use the same rendezvous point(s) for every hidden service connection,
it will get banned if it connects to the same hidden service too many times.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06
> On 24 Jan 2016, at 13:04, s7r <s...@sky-ip.org> wrote:
>
> Signed PGP part
>
> On 1/24/2016 1:51 AM, Tim Wilson-Brown - teor wrote:
> >
> >> On 24 Jan 2016, at 09:28, s7r <s...@sky-ip.org
> >> <mailto:s...@sky-ip.org>> wrote:
>
ject.org/projects/tor/ticket/17840
See also #17849, where yawning and I discuss logging a warning if clients have
very restricted guard choices.
https://trac.torproject.org/projects/tor/ticket/17849
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
es ISPs to retain connection information, so choosing a nearby
entry to me, and a nearby exit to a website in this country, would be very
detrimental to my anonymity.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B
ose
> with others so moving this one before or after Febuary 2nd would be
> great for me. If impossible, I'll read the notes I guess :).
This is at half past midnight on a Saturday for me, can we move it to time
somewhere in 4pm - 8pm eastern (2100 - 0100 UTC)?
Thanks
Tim
Tim Wilson-Brown (
> On 15 Jan 2016, at 03:07, Mike Perry <mikepe...@torproject.org> wrote:
>
> Tim Wilson-Brown - teor:
>>> On 13 Jan 2016, at 00:53, Mike Perry <mikepe...@torproject.org
>>> <mailto:mikepe...@torproject.org>> wrote:
>>> 1. Overview
>
> On 13 Jan 2016, at 20:02, David Goulet <dgou...@ev0ke.net> wrote:
>
> On 13 Jan (11:34:05), Tim Wilson-Brown - teor wrote:
>>
>>> On 13 Jan 2016, at 01:46, George Kadianakis <desnac...@riseup.net> wrote:
>>>
>>> ...
>>> For wha
irs, but they need an introduction point
to be up whenever they contact the hidden service.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with Op
s or
address families, and
* tor may not be able to detect which address(es) it is exiting from, or it may
be an expensive or unreliable process.
But please feel free to submit a proposal to include exit IP addresses in the
consensus - it would help if it included strategies to address these concer
ess requires?
(I understand the standard setting is 24, 12 for the commit, and 12 for the
reveal.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with O
Depending on whether an exit or internal circuit is cannibalised, they can look
like:
G M E E
G M M E
And what about hidden service paths (paths that include two middle nodes?)
G M M
Or, if cannibalised from an exit or internal circuit:
G M E M
G M M M
Again, I think these will just be par
a minor social effect if people are seeking flags for their
relays. (Nor will it have much effect on policy, except, again, for a minor
social effect.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
sign
This would prevent them
> from downloading new consensuses.
>
> [This proposal would result in the quietest shutdown.]
Are we aiming to do this for 0.2.8?
I think it would be a good idea, as adding default fallback directories
makes it harder to implement some authority-only strategie
n so we
> we don't need to do code archeology to determine which number
You did that thing where you start a sentence
Otherwise looks good, modulo a few typos that don't affect meaning.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08
etwork bandwidth.
(Given the small number of Exits flags affected by this change, I'm not sure if
this policy is responsible for all the good Exits, or if our exit-checking
tools are responsible.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR C
_WIN32
> -#include
> -#else
> +#ifndef _MSC_VER
> #include
> #endif
>
> Since is already included in "or.h", it's not needed here
> too.
>
> --
> --gv
> ___
> tor-dev mailing list
> tor-dev@lists.tor
> On 5 Jan 2016, at 19:33, Tom van der Woerdt <i...@tvdw.eu> wrote:
> ...
> Op 05/01/16 om 02:15 schreef Tim Wilson-Brown - teor:
>>
>>> On 5 Jan 2016, at 11:29, Tom van der Woerdt <i...@tvdw.eu
>>> <mailto:i...@tvdw.eu>> wrote:
>>> ..
y used right now?
Alternately, we could add other widely used SSL ports in addition to XMMP, and
perhaps increase the rule to "at least two SSL ports".
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D
remaining Go 1.x standard library and
commands.
https://docs.google.com/document/d/1OaatvGhEAq7VseQ9kkavxKNAfepWy2yhPUBs96FGV28/edit?pref=2=1
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP us
ould
download the differences between each consensus each hour, rather than
downloading a full consensus (~1.5MB).
It showed some great results, but still needs a little work before we merge it.
https://trac.torproject.org/projects/tor/ticket/13339
<https://trac.torproject.org/projects/tor/ticket/
rogrammers…
(On the other hand, if there's no reference implementation, then that makes it
hard to recommend that particular crypto scheme.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Desc
> On 3 Jan 2016, at 14:12, Jesse V <kernelc...@riseup.net> wrote:
>
> On 01/02/2016 05:42 PM, Tim Wilson-Brown - teor wrote:
>> And if we can't use the reference implementation, we have some decent
>> programmers…
>> (On the other hand, if there's no reference i
> On 11 Dec 2015, at 22:47, Oskar Wendel <o.wen...@wp.pl> wrote:
>
> Signed PGP part
> Tim Wilson-Brown - teor <teor2...@gmail.com>:
>
> > Volunteers can do many different tasks:
> > https://www.torproject.org/getinvolved/volunteer
> > <
reconf -fiv. 8.x is EOL anyways.
What's the version of autoconf / automake?
We're trying to work out which autotools versions we support in #17732.
https://trac.torproject.org/projects/tor/ticket/17732
<https://trac.torproject.org/projects/tor/ticket/17732>
Tim
Tim Wilson-Brown (teor)
te
TPS sites.
The High level disables JavaScript on all sites.
(In either case, users can enable it on a site-by-site basis.)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Mess
> On 22 Nov 2015, at 02:55, David Goulet <dgou...@ev0ke.net> wrote:
>
> On 21 Nov (16:26:31), Tim Wilson-Brown - teor wrote:
> ...
>> It would be great to have some stats for typical path lengths, is there an
>> open ticket for this, or should I create one?
>
&
to gauge load.
Then they start at a random time during the day/month, but early enough that
they think they'll still use all their bandwidth.
I wonder if we're seeing another phenomenon? (daily / monthly server restarts?)
Or we could be seeing hibernation failing to work as intended.
Tim
h your latest visualizations. This
> is pending on the JavaScript decision though.
Do David's visualisations already use JavaScript?
We could always do what we did with the bubble graphs, and make (another) part
of the metrics site use JavaScript.
Or are we waiting to choose a language before
gt;
> We might want the property that after every cell, we can forget
> some secret that would enable us to decrypt that cell if we saw
> it again.
>
> …
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3
> On 28 Nov 2015, at 01:22, thomas lörtsch <t...@rat.io> wrote:
>
> I don’t even know what those .tpo’s he mentions are.
.tpo is an abbreviation for .torproject.org <http://torproject.org/> : a server
under the Tor Project's domain.
Tim
Tim Wilson-Brown (teor)
teor2345
ny preemptively built paths to cannibalize or not.
If so, it's side is typically 4 hops, if not, it is 3.
It would be great to have some stats for typical path lengths, is there an open
ticket for this, or should I create one?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor
cture will also have to change to commit H(H(RN)).
>
> For spec readability, maybe we could have:
>
> RN = 255-bit random number
> REVEAL_VALUE = H(RN)
>
> and then use REVEAL_VALUE in REVEAL and COMMIT.
Jacob/David/George,
We typically add a distinguishing value to ha
iod)
That way, clients and relays don't need to do anything special: there will
always be a SRV in the consensus.
This means that the SR consensus method will always produce a SR value, which I
believe is a much better property than occasionally failing to produce a value.
Tim
Tim Wilson
Hi George,
Please see below for a spec patch covering this email thread and various issues
discussed on Trac and tor-dev@
> On 20 Nov 2015, at 00:13, George Kadianakis <desnac...@riseup.net> wrote:
>
> Tim Wilson-Brown - teor <teor2...@gmail.com <mailto:teor2...@gmail.com&
> On 20 Nov 2015, at 12:21, Tim Wilson-Brown - teor <teor2...@gmail.com> wrote:
>
> ...
>
> A full list of changes is:
> ...
> * randomise revision-counter to avoid information leaks
> …
I just pushed a fixup to this commit: the revision-counter requires a
Ayms/node-Tor
> Java: https://silvertunnel.org/doc/netlib.html ,
> https://subgraph.com/orchid/ <https://subgraph.com/orchid/>
Also Java:
<https://github.com/owenson/tor-research-framework>https://github.com/owenson/tor-research-framework
<https://github.com/owenson/tor-resear
>
>SALT (random bytes from above) [16 bytes]
>ENCRYPTED The plaintext encrypted with S [variable]
> MAC MAC of both above fields[32 bytes]
Tim
Tim Wilson-Brown (teor)
[0]: https://www.benthamsgaze.org/wp-content/uploads/2015/11/sucu-torscaling.
revision-counter?
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-dev mailing li
ear more flags
(future-proof this function by zeroing out the entire structure, then copying
the flags we know we want)
https://trac.torproject.org/projects/tor/ticket/16849
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E
t.
(I'm hoping I'll have time after I finish a grant proposal, and also finish
fallback directories (#15775) and multiple bootstrap connections (#4483)).
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
ALL the reveal phase as
> opposite to missing the last 3 consecutive ones).
>
> What do you think?
Whatever we decide, can we make it a torrc option?
That way, authorities running the SR code can bootstrap relatively quickly in
test networks.
(The fastest possible bootstrap would have 1 SR
introduction for a European rendezvous point could be sent to a nearby European
data center to perform the actual rendezvous. Alternately, it could be send to
a lightly-loaded instance.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 975586
workshop:
Tuesday at 0100 UTC (Monday at 8:00pm EST, Monday at 5:00pm PST)
or
Monday at 0100 UTC (Sunday at 8:00pm EST, Sunday at 5:00pm PST)
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signat
similar.
Any adversary who can break shared randomness is likely to also be able to
break the entire consensus.
And the consensus is a high-value target, whereas shared randomness isn't (yet).
Therefore, I think we could treat any conflicts as bugs or misconfigurations,
report them via IRC an
ividual stages (as Xcode does automatically). Signing with --deep is for
> emergency repairs and temporary adjustments only.
>
> Note that signing with the combination --deep --force will forcibly re-sign
> all code in a bundle.
>
Mozilla have also had issues with signin
ces us to the current state, where we distribute detached PGP
signatures next to downloads.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Descri
#4483, prop #210) the authorities.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
o the network metadata db, and the
> users can query it to make their own decisions, follow
> other users prebuilt selection templates, or stick
> with the provided defaults.
> ___
> tor-dev mailing list
> tor-dev@lists.torproject.org <mai
Hi All,Please find below and attached a proposal: Rendezvous Single Onion Services.This is an updated and expanded version of "Direct Onion Services: Fast-but-not-hidden services”. It also borrows heavily from "Single Onion Services" (Proposal #252).The proposal is available in the branch
CHA also affects sites using CloudFlare, but doesn’t
affect Tor’s own Trac site.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Me
IW, it seems that the current default Priority for new tickets is
> "Immediate" and the default Severity is "Blocker". This might cause
> people who don't know how trac works, submitting stressfull trac tickets.
And every time I edit an existing ticket, it gets severity “Blocker”,
1 - 100 of 124 matches
Mail list logo