(Trying again with my tp.o email address) On 06/15/2014 02:05 PM, Yan Zhu wrote: > It's unclear whether this message went through to tor-dev (can't find it > in the archives), but I've added this update to > https://trac.torproject.org/projects/tor/wiki/doc/gsoc. > > On 06/13/2014 05:06 PM, Red wrote: >> Hello, everyone! >> I apologize for the fact that this is coming in late, but here is a >> summary of my progress and plans thus far in developing a secure ruleset >> update mechanism for the HTTPS Everywhere browser extension. >> >> The specification document detailing how the ruleset updater will >> function has been perhaps the greatest focus for me until now. The >> document is currently hosted on Github as a gist[1], and currently >> details the format for the JSON document the extension will fetch to >> determine whether the update information it receives is authentic and >> relevant. >> >> A second task I have been working on is the creation of a utility[2] >> used to automate much of the process of building the update.json file >> contents outlined by [1]. A lot of the work done here so far has been >> experimental, but it is already providing some utility for composing >> data that can be used for testing purposes. >> >> The third thing I have been working on is the actual implementation of >> the ruleset updater[3]. There are to be some changes to the spec that >> will be reflected in this code in the coming week, but the >> implementation so far is very close to being ready to test. >> >> In the last week, a lot of discussion has occurred centered around >> improving the specification for the ruleset update mechanism and how the >> update.json file and signing thereof should function and be written. I >> have posted my weekly meeting notes to another gist[4] which I will from >> today onwards be keeping up to date with my weekly notes so that they >> will be publicly available and well-formatted. In summary, my upcoming >> work will involve updating the update.json spec to reflect the >> discussion being had on the https-everywhere mailing list and between >> myself and my mentor, Yan. I will then focus on updating the extension >> code as well as the utility I have been working on to reflect the >> changes to the spec. I will then move on to testing the signature >> verification method locally by creating example documents and a Python >> script to verify the signature. I will also be setting up a testing >> environment to properly test my work on the ruleset update mechanism. >> >> My work can be more closely followed on Github- specifically, my fork of >> the official HTTPS-Everywhere repository[5]. The code I have been >> working on resides in my "makeJSONManifest" and "rulesetUpdating" >> branches. You can also follow the discussion on the https-everywhere >> mailing list, and are welcome to join in mine and Yan's weekly meetings >> in #https-everywhere on irc.oftc.net at 11:00AM Pacific Time on >> Fridays. We're happy to have people chime in with ideas, and commentary >> in IRC, the mailing list, and on Github is welcome! >> >> [1]: https://gist.github.com/redwire/2e1d8377ea58e43edb40 >> [2]: >> https://github.com/redwire/https-everywhere/blob/makeJSONManifest/utils/ruleset_update_manifest.py >> [3]: >> https://github.com/redwire/https-everywhere/blob/rulesetUpdating/src/chrome/content/code/rulesetUpdate.js >> [4]: https://gist.github.com/redwire/b62f03905a826e79947a >> [5]: https://github.com/redwire/https-everywhere >> >> >> >> _______________________________________________ >> HTTPS-Everywhere mailing list >> https-everywh...@lists.eff.org >> https://lists.eff.org/mailman/listinfo/https-everywhere >> > >
-- Yan Zhu <y...@eff.org>, <y...@torproject.org> Staff Technologist Electronic Frontier Foundation https://www.eff.org 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x134 _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev