El 16/04/11 21:12, intrigeri escribió: > Hi, > > sajolida wrote (14 Apr 2011 15:28:37 GMT) : >> In the process of rewriting Tails' documentation I worked yesterday >> on the warning page. > > Great! > >> So I'm asking for your review. > > Here it is. > > (I fixed a few typos and other minor stuff. Will push soon.) > > Why are you using only second-level titles on doc/overview and > doc/warning? Is this so that their content can more nicely be > [[!inline ]]'d on other pages?
For no good reason. At some point in life, I thought it was not valid to use two h1 in a same page and so I used to put h1 only on the page title, but actually it is perfectly valid so I should forget about that. I changed that and put every different warning section as h1. There seems to be no clear preference on the wiki source between using '-----'-style of '#'-style headers, Right? > Some of the "Quoted from..." references were unclear to me. At first > glance, I was not sure if it referred to the part before or the part > after (especially when a picture comes right after it). Ok, I was putting those mainly as explicit references to the sources I used for licensing, eg. Wikipedia. I know moved all that at the end of each section and put the reference in italic. Hope it's more clear now. >> This still leaves open the possibility of a man-in-the-middle attack >> even when your browser is trusting an HTTPS connection but this >> won't affect Tor or Tails users more than anybody else on the >> Internet. Actually, by providing anonymity, Tor makes it more >> difficult to perform a man-in-the-middle attack targeted on a >> specific user with the blessing of a rogue SSL certificate. > > I disagree with "this won't affect [...] more than anybody else on the > Internet"; while an attack targeted at *one specific person* is more > difficult to setup, and I am glad to see it mentioned, some other > kinds of attacks, such as large scale MitM attempts, or attacks > targeted at *a specific server*, and especially those among its users > who happen to use Tor, is actually made easier; such attacks can be > setup by anyone without special cow powers, e.g. by those who cannot > get a legal wiretapping order but still want to gather passwords, or > those who could get a legal wiretapping order but prefer not to, for > various reasons. Great, that's corrected now. > Sometimes I read "See, $ref", while sometimes I read "See $ref". > Just mentioning it in case this is an error. Else, I don't mind. I changed everything to "See $ref". > Confirmation attacks: mention the "both your home ISP and the server's > one cooperate with an adversary of yours"? Added. > "virtual identities" => "contextual identities"? Changed. >> Vidalia's "New Identity" button forces Tor to use new circuits, thus >> addressing the first threat > > Wrong. It asks Tor to use new circuits **for new connections** only. > We've been discussing it on this mailing-list a few months ago, in the > thread about HTTP keep-alive. Also see recent activity about such > matters on Tor's bug tracker. In the current state of things, I think > we should either not mention this feature of Vidalia's, or tell it can > **not** be accounted on to address the first threat. Woops, actually I knew about that at the time of writing but I wrote it wrong indeed. I rewrote that part. -- sajolida
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tails-dev mailing list tails-dev@boum.org https://boum.org/mailman/listinfo/tails-dev