[TWN team] Recent changes to the wiki pages
Lunar
lunar at torproject.org
Tue Dec 3 13:20:07 UTC 2013
===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2013/22 ===
===========================================================================
version 45
Author: sqrt2
Date: 2013-12-03T12:46:54+00:00
review
--- version 44
+++ version 45
@@ -18,49 +18,50 @@
------------------------------------------------------------
Nick Mathewson has been working on turning a “revamp of the hidden
-services protocol” into a formal proposal [1]. Last Saturday, Nick
+services protocol” into a formal proposal [1]. Last Saturday, Nick
blessed the tor-dev mailing list with a post of the current draft for
-proposal 224 [2], dubbed “Next-Generation Hidden Services in Tor”.
-
-Nick currently lists 25 different people who made writing new proposal
-possible, and they will be probably some more to add before the proposal
-reach completion. We will spare the full list to the reader, but Tor
-Weekly News' archives [3] can attest that George Kadianakis deserves a
-special mention for his repeated efforts to move things forward.
-
-The proposal aims to replace “the current rend-spec.txt [4], rewritten
+proposal 224 [2], dubbed “Next-Generation Hidden Services in Tor”.
+
+Nick currently lists 25 different people who made writing the new
+proposal possible, and there will be probably some more to add before
+the proposal reaches completion. We will spare the full list to the
+reader, but Tor Weekly News' archives [3] can attest that George
+Kadianakis deserves a special mention for his repeated efforts to move
+things forward.
+
+The proposal aims to replace “the current rend-spec.txt [4], rewritten
for clarity and for improved design.” The most user visible change from
-the current hidden services is the new address format. In order to
-prevent the enumeration of hidden services, the new protocol uses a
-derives “blinded key” (section 1.3) from Ed25519 master identity key.
+the current hidden services protocol is the new address format. In order
+to prevent the enumeration of hidden services, the new protocol derives a
+“blinded key” (section 1.3) from an Ed25519 master identity key.
The blinding operation requires to operate on the full key material (and
not just a truncated hash, as before). With a base 32 encoding of the
entire 256 bits (section 1.2), “a new name following this specification
might look like:
a1uik0w1gmfq3i5ievxdm9ceu27e88g6o7pe0rffdw9jmntwkdsd.onion”. Other
-encoding might still worth consideration as long as they make valid
+encodings might still be worth consideration as long as they make valid
hostnames.
Less visible changes include the departure from RSA1024, DH1024, and
-SHA1 to prefer Ed25519, Curve25519, and SHA256 as the basic crypto
-blocks (section 0.3).
-
-The selection of responsible directories for a hidden service now
+SHA1 to prefer Ed25519, Curve25519, and SHA256 as the cryptographic
+primitives in use (section 0.3).
+
+The selection of directories responsible for a hidden service now
depends on a periodic “collaboratively generated random value” provided
by the Tor directory authorities. This way the directories of a hidden
-service are not predictable in advance which prevents targeted denial of
-service attacks (see ticket #8244 [5] and proposal 225 for a possible
-scheme [6]).
+service are not predictable in advance, which prevents targeted denial
+of service attacks (see ticket #8244 [5] and proposal 225 for a possible
+scheme [6]).
The new proposal also introduces the possibility of keeping the master
identity key offline (section 1.7).
The proposal is completely unfinished when it comes to scaling Hidden
Services to multiple hosts (section 1.5). There have been discussions on
-this topic [7], but there is no final decision on what the final scheme
+this topic [7], but there is no final decision on what the final scheme
should be. The problem with naive scaling schemes is that information
-about the number of Hidden Service nodes can get leaked to adversarial
-clients or Introduction Points.
+about the number of Hidden Service nodes can leak to adversarial clients
+or Introduction Points.
In order to move the proposal forward from the current draft, Nick
Mathewson told the readers: “I'd like to know what doesn't make sense,
@@ -70,132 +71,132 @@
if they grow into improvements.” The document is still sprinkled with
many TODO items, so feel free to jump in if you want to help!
- [1] https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/proposals/001-process.txt
- [2] https://lists.torproject.org/pipermail/tor-dev/2013-November/005877.html
- [3] https://blog.torproject.org/category/tags/tor-weekly-news
- [4] https://gitweb.torproject.org/torspec.git/blob/refs/heads/master:/rend-spec.txt
- [5] https://bugs.torproject.org/8244
- [6] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/225-strawman-shared-rand.txt
- [7] https://lists.torproject.org/pipermail/tor-dev/2013-October/005556.html
+ [1] https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/proposals/001-process.txt
+ [2] https://lists.torproject.org/pipermail/tor-dev/2013-November/005877.html
+ [3] https://blog.torproject.org/category/tags/tor-weekly-news
+ [4] https://gitweb.torproject.org/torspec.git/blob/refs/heads/master:/rend-spec.txt
+ [5] https://bugs.torproject.org/8244
+ [6] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/225-strawman-shared-rand.txt
+ [7] https://lists.torproject.org/pipermail/tor-dev/2013-October/005556.html
Tor relay operators meeting at 30C3
-----------------------------------
-Moritz Bartl announced [8] that a meeting of Tor relay operators and
+Moritz Bartl announced [8] that a meeting of Tor relay operators and
organizations will be held as part of the first day of the 30th Chaos
Communication Congress in Hamburg on the 27th December. He asked major
relay operators and Torservers.net partner organizations to prepare some
slides explaining their activities; the German partner organization,
Zwiebelfreunde e.V., will hold its own meeting directly afterwards.
- [8] https://lists.torproject.org/pipermail/tor-relays/2013-December/003449.html
+ [8] https://lists.torproject.org/pipermail/tor-relays/2013-December/003449.html
Monthly status reports for November 2013
----------------------------------------
The wave of regular monthly reports from Tor project members for the
month of November has begun. Pearl Crescent released their report
-first [9], followed by reports from Sherief Alaa [10], Lunar [11], Colin
-C. [12], Nick Mathewson [13], George Kadianakis [14], Arlo Breault [15]
-and Ximin Luo [16].
-
- [9] https://lists.torproject.org/pipermail/tor-reports/2013-November/000387.html
- [10] https://lists.torproject.org/pipermail/tor-reports/2013-December/000388.html
- [11] https://lists.torproject.org/pipermail/tor-reports/2013-December/000389.html
- [12] https://lists.torproject.org/pipermail/tor-reports/2013-December/000390.html
- [13] https://lists.torproject.org/pipermail/tor-reports/2013-December/000391.html
- [14] https://lists.torproject.org/pipermail/tor-reports/2013-December/000393.html
- [15] https://lists.torproject.org/pipermail/tor-reports/2013-December/000394.html
- [16] https://lists.torproject.org/pipermail/tor-reports/2013-December/000395.html
+first [9], followed by reports from Sherief Alaa [10], Lunar [11], Colin
+C. [12], Nick Mathewson [13], George Kadianakis [14], Arlo Breault [15]
+and Ximin Luo [16].
+
+ [9] https://lists.torproject.org/pipermail/tor-reports/2013-November/000387.html
+ [10] https://lists.torproject.org/pipermail/tor-reports/2013-December/000388.html
+ [11] https://lists.torproject.org/pipermail/tor-reports/2013-December/000389.html
+ [12] https://lists.torproject.org/pipermail/tor-reports/2013-December/000390.html
+ [13] https://lists.torproject.org/pipermail/tor-reports/2013-December/000391.html
+ [14] https://lists.torproject.org/pipermail/tor-reports/2013-December/000393.html
+ [15] https://lists.torproject.org/pipermail/tor-reports/2013-December/000394.html
+ [16] https://lists.torproject.org/pipermail/tor-reports/2013-December/000395.html
Miscellaneous news
------------------
-The first release candidate for Tails 0.22 [17] is out. The new version
-features a browser based on Firefox 24 and has reached beta-stage for
+The first release candidate for Tails 0.22 [17] is out. The new version
+features a browser based on Firefox 24 and has reached beta stage for
incremental updates, among other things. Tests are highly welcome as
always!
- [17] https://tails.boum.org/news/test_0.22-rc1/
+ [17] https://tails.boum.org/news/test_0.22-rc1/
The Tails team called for translators to help with the strings both for
-Tails 0.22 [18], as well as for the new incremental upgrade
-software [19]. The strings for translation are now available in the
-Tails git repository [20], and hopefully should also be up on
-Transifex [21] soon.
-
- [18] https://mailman.boum.org/pipermail/tails-l10n/2013-December/000774.html
- [19] https://mailman.boum.org/pipermail/tails-l10n/2013-November/000771.html
- [20] https://git-tails.immerda.ch/iuk/
- [21] https://www.transifex.com/projects/p/torproject/
+Tails 0.22 [18], as well as for the new incremental upgrade
+software [19]. The strings for translation are now available in the
+Tails git repository [20], and hopefully should also be up on
+Transifex [21] soon.
+
+ [18] https://mailman.boum.org/pipermail/tails-l10n/2013-December/000774.html
+ [19] https://mailman.boum.org/pipermail/tails-l10n/2013-November/000771.html
+ [20] https://git-tails.immerda.ch/iuk/
+ [21] https://www.transifex.com/projects/p/torproject/
Damian Johnson sent out a link to a recording of his talk on the Tor
-ecosystem at TA3M in Seattle [22].
-
- [22] https://lists.torproject.org/pipermail/tor-dev/2013-November/005867.html
+ecosystem at TA3M in Seattle [22].
+
+ [22] https://lists.torproject.org/pipermail/tor-dev/2013-November/005867.html
David Goulet called for assistance with the code-review process for the
Torsocks 2.0 release candidate, and offered some guidance on where to
-begin [23].
-
- [23] https://lists.torproject.org/pipermail/tor-dev/2013-November/005870.html
+begin [23].
+
+ [23] https://lists.torproject.org/pipermail/tor-dev/2013-November/005870.html
Erinn Clark and Peter Palfrader upgraded the Tor Bug Tracker & Wiki to
-Trac version 1.0 [24].
-
- [24] https://lists.torproject.org/pipermail/tor-dev/2013-November/005871.html
-
-intrigeri began [25] the compilation of a glossary [26] of words that
-Tails and its developers use for particular concepts, to assist
-contributors who might not be familiar with these special meanings.
-
- [25] https://mailman.boum.org/pipermail/tails-dev/2013-November/004353.html
- [26] https://tails.boum.org/contribute/glossary/
+Trac version 1.0 [24].
+
+ [24] https://lists.torproject.org/pipermail/tor-dev/2013-November/005871.html
+
+intrigeri began [25] compiling a glossary [26] of words that Tails and
+its developers use for particular concepts, to assist contributors who
+might not be familiar with these special meanings.
+
+ [25] https://mailman.boum.org/pipermail/tails-dev/2013-November/004353.html
+ [26] https://tails.boum.org/contribute/glossary/
In order to remove “a full database of relays on our already overloaded
metrics machine”, Karsten Loesing is asking for those using the
-“relay-search service” to speak up [27] before decommissioning the
-service by the end of the year.
-
- [27] https://lists.torproject.org/pipermail/tor-talk/2013-December/031310.html
-
-Philipp Winter followed up on his experiments in exit scanning [28] and
-released exitmap [29] which uses Stem to control with the tor daemon in
+“relay-search service” to speak up [27] before the decommissioning of
+the service by the end of the year.
+
+ [27] https://lists.torproject.org/pipermail/tor-talk/2013-December/031310.html
+
+Philipp Winter followed up on his experiments in exit scanning [28] and
+released exitmap [29], which uses Stem to control the tor daemon in
creating circuits to all exit nodes.
- [28] https://lists.torproject.org/pipermail/tor-dev/2013-November/005863.html
- [29] https://github.com/NullHypothesis/exitmap
-
-A Tor client implementation written in pure Java, Orchid [30], has
-silently reached the 1.0 milestone on November 27th. Nathan Freitas
-looks for comment from the community [31] as he is “thinking about
+ [28] https://lists.torproject.org/pipermail/tor-dev/2013-November/005863.html
+ [29] https://github.com/NullHypothesis/exitmap
+
+A Tor client implementation written in pure Java, Orchid [30], has
+silently reached the 1.0 milestone on November 27th. Nathan Freitas is
+looking for comment from the community [31] as he is “thinking about
having Orbot use it by default, and then offering ARM and x86 binaries
as add-on enhancements.” His main argument is that it “would make the
core Tor on Android experience more lightweight for client only use.”
- [30] http://www.subgraph.com/orchid.html
- [31] https://lists.torproject.org/pipermail/tor-dev/2013-November/005884.html
+ [30] http://www.subgraph.com/orchid.html
+ [31] https://lists.torproject.org/pipermail/tor-dev/2013-November/005884.html
The Electronic Frontier Foundation helped a student group in Iowa
convince their university they should be allowed to hold discussions
-about Tor on campus. The EFF's open letter to universities [32] and
-their “Myths and Facts About Tor” [33] document make useful advocacy
+about Tor on campus. The EFF's open letter to universities [32] and
+their “Myths and Facts About Tor” [33] document make useful advocacy
material.
- [32] https://www.eff.org/deeplinks/2013/12/open-letter-urging-universities-encourage-conversation-about-online-privacy
- [33] https://www.eff.org/document/tor-myths-and-facts
+ [32] https://www.eff.org/deeplinks/2013/12/open-letter-urging-universities-encourage-conversation-about-online-privacy
+ [33] https://www.eff.org/document/tor-myths-and-facts
Tor help desk roundup
---------------------
Multiple users asked about using Tor for PC gaming. Tor can only
transport TCP, which is how web pages are transmitted. Many video games
-relay on UDP or other protocols to transport data because of the lower
+rely on UDP or other protocols to transport data because of the lower
latency. Information these games transport over protocols besides TCP
would not be sent over Tor. Also any software used with Tor needs to be
tested for proxy obedience. Untested applications might send information
-without using Tor without the user realizing it even if they appear to
-be correctly configured.
+without using Tor even if they appear to be configured correctly, and
+without the user realizing it.
Upcoming events
---------------
@@ -210,10 +211,10 @@
Want to continue reading TWN? Please help us create this newsletter.
We still need more volunteers to watch the Tor community and report
-important news. Please see the project page [34], write down your
-name and subscribe to the team mailing list [35] if you want to
+important news. Please see the project page [34], write down your
+name and subscribe to the team mailing list [35] if you want to
get involved!
- [34] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
- [35] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
+ [34] https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
+ [35] https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
}}}
--
Your friendly TWN monitoring script
In case of malfunction, please reach out for lunar at torproject.org
or for the worst cases, tell weasel at torproject.org to kill me.
More information about the news-team
mailing list