[tor-dev] The future of GetTor

Adam Pritchard a.pritchard at psiphon.ca
Thu Jun 18 19:40:14 UTC 2015


>
> I'm currently the maintainer of GetTor [1], and together with Nima and
> Sukhbir we have been talking about the future of it.


If this conversation moves elsewhere, I would really like to be kept in the
loop.

I'm the primary maintainer of Psiphon's email auto-responder, which was
initially modeled on Tor's approach. Psiphon is, obviously, also extremely
interested in robust ways of making our tools available in censoring
regions. (So, Satori, etc., are also interesting.)

Relatedly...

When doing Logjam, etc., testing on our responder I found testssl.sh[1] to
be a handy tool. Used like so:
./testssl.sh --mx torproject.org

CheckTLS[2] is also good for actually doing email send and receive tests.

We're currently struggling a bit with just how hardcore we can be in
securing our server communications. Right now Postfix is configured[3] to
only connect out using TLS and only accept incoming TLS connections from
servers with a verifiable cert. That seems reasonable, except... we're
getting complaints that Chinese mail services don't meet those criteria,
and Chinese users can't/won't/don't use Gmail/Hotmail/Yahoo.

...As an example of the sort of shared hurdles we might encounter.

[1]: https://testssl.sh/
[2]: https://www.checktls.com/
[3]:
https://bitbucket.org/psiphon/psiphon-circumvention-system/src/2d052db9597d/EmailResponder/README.md#markdown-header-sample-maincf

-- 
Adam Pritchard
Psiphon Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150618/f8526103/attachment.html>


More information about the tor-dev mailing list