aboutsummaryrefslogtreecommitdiff
path: root/doc/TODO
blob: b5623c28bc8860325269956fc5bc276af1273277 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
Legend:
SPEC!!  - Not specified
SPEC    - Spec not finalized
NICK    - nick claims
ARMA    - arma claims
        - Not done
        * Top priority
        . Partially done
        o Done
        D Deferred
        X Abandoned


        . Use a stronger cipher
                o 3des for now
                - aes when we everybody has openssl 0.9.7
        . Topics / circuits
                o Implement topics
                - Rotate circuits after N minutes?
                - Circuits should expire when circuit->expire triggers
NICK            . Handle half-open connections
                - Figure out what causes connections to close, standardize
                        when we mark a connection vs when we tear it down
NICK            - Look at what ssl does to keep from mutating data streams
NICK    . On the fly compression of each stream
        o Clean up the event loop (optimize and sanitize)
ARMA    o Remove that awful concept of 'roles'
ARMA    - Exit policies
                - Spec how to write the exit policies
                - Path selection algorithms
                        - Let user request certain nodes
                        - And disallow certain nodes
                        - Choose path by jurisdiction, etc?
        D Implement our own memory management, at least for common structs
        . Appropriate logging
                - Come up with convention for what log level means what
                - Make code follow convention
        . Terminology
                o Circuits, topics, cells stay named that
                - 'Connection' gets divided, or renamed, or something?
        . DNS farm
                o Distribute queries onto the farm, get answers
                o Preemptively grow a new worker before he's needed
                - Prune workers when too many are idle
                o Keep track of which connections are in dns_wait
                o Need to cache positives/negatives on the tor side
                        o Keep track of which queries have been asked
                . Better error handling when
                        . An address doesn't resolve
                        - We have max workers running
                - Consider taking the master out of the loop?
        . Directory servers
                - Automated reputation management
ARMA            - Include key in source; sign directories
ARMA            - Have directories list recommended-versions
                        - Quit if running the wrong version
                        - Command-line option to override quit
                . Add more information to directory server entries
                        - Exit policies
                        - jurisdiction? others?
SPEC!!          - Figure out how to do threshold directory servers
        . Scrubbing proxies
                - Find an smtp proxy?
                - Find an ftp proxy? Figure out how that would work?
                - Wait until there are packet redirectors for Linux
                . Get socks4a support into Mozilla
        . Get tor to act like a socks server
                o socks4, socks4a
                - socks5
SPEC!!          - Handle socks commands other than connect, eg, bind?
        - Develop rendezvous points
        D Implement reply onions
        D Deploy and manage open source development site.
        . Documentation
                . Discussion of socks, tsocks, etc
                o On-the-network protocol
                        o Onions
                        o Cells
                . Better comments for functions!
        - Tests
NICK            - Testing harness/infrastructure
                - Unit tests
                - System tests (how?)
                - Performance tests, so we know when we've improved
                        . webload infrastructure (Bruce)
                        . httperf infrastructure (easy to set up)
                        . oprofile (installed in RH 8.0)
        D Deploy a widespread network
        . Router twins
                o Choose twin if primary is down, when laying circuit
                - Load balancing between twins
                        - Keep track of load over links/nodes, to
                          know who's hosed
NICK    - Daemonize and package
                o Teach it to fork and background
                - Red Hat spec file
                - Debian spec file equivalent
                
        . Autoconf
                . Which .h files are we actually using? Port to:
                        o Linux
                        o BSD
                        . Solaris
                        . Windows
NICK                    . OS X
        . Move away from openssl
                o Abstract out crypto calls
                D Look at ndss, others? Just include code?

        . transition addr to sin_addr (huh?)

        . Clean up the number of places that get to look at prkey
SPEC!!  - Non-clique topologies, clearer bandwidth management
        . Look at OR handshake in more detail
                o Spec it
                - Merge OR and OP handshakes?
                - Periodic link key rotation. Spec?
        - More flexibility in node addressing
                - Support IPv6 rather than just 4
                - Handle multihomed servers