Re: [tor-dev] Nominate/vote for future proposal discussion meetings!
isis agora lovecruft transcribed 2.9K bytes: > Hello all, > > Is there an existing Tor proposal you'd like to discuss? Please use > the following pad to nominate and vote for proposals for discussion. > > https://pad.riseup.net/p/Pxo2fQiiaSWo > > We'll be reviving our proposal discussion meetings soon, likely at the > beginning of January once people have returned from their winter > holidays. > > After the nominations/votes are taken, I'll start arranging meeting > times. If you nominate and/or vote for a proposal, I may reach out to > you at some point for your opinions on discussion items, open > questions/concerns, etc. to include for the meeting preparation. > > Thanks! Hello! Last chance (for this round) to get your nominations/votes in! This week I will be creating subthreads (of this thread) for each proposal meeting, which will have doodles/polls for dates and times. Unless someone requests otherwise, I'm not going to group proposals into batches for meetings: hopefully this way the meetings will be shorter and people only have to pay attention to the things they are interested in. Best regards, -- ♥Ⓐ isis agora lovecruft _ OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35 Current Keys: https://fyb.patternsinthevoid.net/isis.txt signature.asc Description: Digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] [prop-meeting] [prop#239] "Consensus Chain Hashing" (was: Nominate/vote for future proposal discussion meetings!)
Hello, Let's schedule a proposal discussion for prop#239 "Consensus Hash Chaining" [0] sometime next week (between 7 - 9 Feb). If you're CCed, it's because you put your name down on the pad as being interested in this discussion. If anyone has requests or concerns, or if I forgot to take your timezone into account, please let me know. https://doodle.com/poll/iahmzu95hpvxciex [0]: https://gitweb.torproject.org/torspec.git/tree/proposals/239-consensus-hash-chaining.txt -- ♥Ⓐ isis agora lovecruft _ OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35 Current Keys: https://fyb.patternsinthevoid.net/isis.txt signature.asc Description: Digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] [prop-meeting] [prop#285] "Directory documents should be standardized as UTF-8" (was: Nominate/vote for future proposal discussion meetings!)
Hello, Let's schedule a proposal discussion for prop#285 "Directory documents should be standardized as UTF-8" [0] sometime between 12 - 13 Feb. If you're CCed, it's because you put your name down on the pad as being interested in this discussion. If anyone has requests or concerns, or if I forgot to take your timezone into account, please let me know. https://doodle.com/poll/cnc6scybbfpky5f8 [0]: https://gitweb.torproject.org/torspec.git/tree/proposals/285-utf-8.txt Best regards, -- ♥Ⓐ isis agora lovecruft _ OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35 Current Keys: https://fyb.patternsinthevoid.net/isis.txt signature.asc Description: Digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] non-anonymous ephemeral onion services with stem
> On 24 Jan 2017, at 14:01, teor wrote: > > >> On 10 Jan 2017, at 09:17, teor wrote: >> >>> For example, maybe I want to use OnionShare to send my friend a 2GB >>> video clip, but anonymity doesn't matter to me. My friend and I already >>> know who each other are, and I'm not concerned about leaking what we're >>> doing, I just don't want to leak the plaintext video footage. In this >>> case, I might want to use a non-anonymous onion service just to make the >>> file transfer faster. >> >> Ok, so you trust your friend with your IP and onion address in this use >> case. >> >> But do you also trust the entire Tor network? > > I opened a ticket for the OnionShare single onion service use case: > https://trac.torproject.org/projects/tor/ticket/21295 > > We'll see what we can do, and try to work out the anonymity implications > of leaking your IP address to the intro and rendezvous points. I closed this ticket as "wontfix" with the following comment: I just don't think this is safe, particularly as part of Tor's current design. We are adding vanguards to make onion services harder to discover. And we want to reject connections to HSDir, intro, and rendezvous points where there is a client directly connected on both sides. If someone does want to give up their anonymity, they should run another tor instance, or restart their current instance in non-anonymous mode. Or we should develop a feature where controllers can set custom onion service paths. T -- Tim / teor PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n signature.asc Description: Message signed with OpenPGP ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] non-anonymous ephemeral onion services with stem
On Tue, Jan 30, 2018 at 11:03:26AM +1100, teor wrote: > >> Ok, so you trust your friend with your IP and onion address in this use > >> case. > >> > >> But do you also trust the entire Tor network? > > > > I opened a ticket for the OnionShare single onion service use case: > > https://trac.torproject.org/projects/tor/ticket/21295 > > > > We'll see what we can do, and try to work out the anonymity implications > > of leaking your IP address to the intro and rendezvous points. > > I closed this ticket as "wontfix" with the following comment: > > I just don't think this is safe, particularly as part of Tor's current > design. Agreed. I think the trend of people saying "well I don't need anonymity" is no different from the trend of people trying to justify their use of random public proxies, VPNs, etc instead of Tor. The fact is that people are often surprised to learn, after the fact when it's too late and now they regret it, that they should have wanted some more security. At Tor we should aim to give them that security by default, and if they don't want it, we shouldn't give them an opportunity to think "well I'm still using Tor so maybe I'm still making a good choice". (I think this reasoning argues for jettisoning the whole single onion service design too, but I won't try to make that argument in this thread.) --Roger ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] website patches for new Tor relay guide sidenav entry
Silvia [Hiro]: > Hi, > thanks for letting me know. > I have fixed the merge conflicts myself and merged. Since the page did no longer build after "Fix merge conflicts in sidenav" https://gitweb.torproject.org/project/web/webwml.git/commit/?id=c257c6ccac167d74206771f13d63e04335272661 I attempted to fix this with my comment and branch at https://trac.torproject.org/projects/tor/ticket/24881#comment:7 Do you have time to look into this? I'd like to get this fixed before submitting upcoming patches and I'd like to get them deployed before Alison is going to release an upcoming blog post. thanks, nusenu -- https://mastodon.social/@nusenu twitter: @nusenu_ signature.asc Description: OpenPGP digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
