139 lines
4.0 KiB
Plaintext
139 lines
4.0 KiB
Plaintext
KEY:
|
|
- Not done
|
|
. Partially done
|
|
o complete
|
|
X Won't do.
|
|
|
|
|
|
MILESTONE 0: Build a circuit and use it
|
|
o Read a directory from disk
|
|
o Pick random relays
|
|
o Construct a one-hop circuit with CREATE_FAST
|
|
o Construct a one-hop circuit with ntor
|
|
o Build relay cells
|
|
o Construct a multihop circuit.
|
|
o Open a stream
|
|
o Make a request, get a response (no sendmes yet)
|
|
|
|
MILESTONE 1: Refactoring on above
|
|
o Stop parameterizing all APIs on TLS type.
|
|
o Combine "create circuit" and "create first hop"?
|
|
o More types of circent for clarity.
|
|
o Improve testing
|
|
o Improve documentation
|
|
o Make sure readme is right
|
|
|
|
MILESTONE 2: Working streams
|
|
o Improve circuit API.
|
|
o Get an initial stream API together.
|
|
o Make end cells work, and get sent both ways.
|
|
o Make SENDMEs work
|
|
o Make authenticated sendmes work.
|
|
o Make sendme authentication optional.
|
|
- Circuit reactor shutdown needs to make writes fail; protocol
|
|
failures on circuits/streams need to kill off the circuit.
|
|
- Improve testing
|
|
- Improve documentation
|
|
- Make sure readme is right
|
|
|
|
MILESTONE 3: Clean and tidy
|
|
- Make sure that circuit Destroys are handled and sent correctly.
|
|
Use ideas from circuit module.
|
|
- Complete testing in tor-proto crate.
|
|
- Better solution for deadlock in lock on sendwindow.
|
|
- Ed25519 needs to have an "identity" non-parsed version, maybe.
|
|
- Add a state for streams _we_ have closed where we haven't got an end
|
|
from the other side. Treat unexpected stream data as fatal.
|
|
(Defend against DropMark attack from 25573)
|
|
- Less copying, esp around Box<RawCellBody>. Consider bytes crate.
|
|
- Is this "reactor" business a sensible design? Is there a better one?
|
|
- Use better types for cases when only a few messages are possible.
|
|
- Get a data-oriented stream API
|
|
- Make all APIs conform to best practices
|
|
- Figure out which consensus method we require, and say so.
|
|
- Make a plan for what closes when
|
|
- Make sure everything closes when it is supposed to.
|
|
- Refactor XXXX and TODO code; make sure everything is tested and
|
|
documented.
|
|
|
|
|
|
MILESTONE A: Experimental client use
|
|
- Build circuits on demand
|
|
- Downloading directory information, using compression and diffs.
|
|
- Minimal stable API.
|
|
- Optionally, expose a socks port
|
|
- Begin using semver.
|
|
|
|
MILESTONE B: Secure minimal client
|
|
- Correct path selection
|
|
- Timeouts
|
|
- Circuit timeout logic
|
|
- Connection timeout logic.
|
|
- What other kinds of timeouts?
|
|
- Connection padding (link protocol 5)
|
|
- Circuit padding (with padding machines)
|
|
- Build preemptive circuits
|
|
- Guard nodes
|
|
- Change behavior depending on network parameters
|
|
- CBT logic?
|
|
- Pathbias logic
|
|
- Figure out where to put a specific async executor and/or TLS
|
|
implementation in our stack.
|
|
|
|
MILESTONE C: Client feature parity
|
|
- V3 onion services
|
|
- Fairness on circuits/streams?
|
|
- Support for using bridges
|
|
- Pluggable transport support
|
|
- Controller API?
|
|
- Dormant mode?
|
|
- Transparent proxy mode(s)
|
|
|
|
|
|
MILESTONE H:
|
|
- Be a hidden service
|
|
|
|
MILESTONE R: Relay support
|
|
- Relay TLS handshake support
|
|
- Directory cache support
|
|
- Fairness support
|
|
- Better circuit queues and circuitmuxes (for performance)
|
|
- Statistics collection
|
|
- Key management
|
|
- Pluggable transports (server side)
|
|
- Being a bridge
|
|
- Self-testing
|
|
- Publishing descriptors
|
|
- Address discovery and configuration
|
|
- DNS lookup
|
|
- KIST scheduler
|
|
- DoS-resistence handling
|
|
- Rate-limiting
|
|
- Accounting
|
|
|
|
|
|
|
|
|
|
|
|
- Spec issues
|
|
- Test vectors
|
|
. Add test vectors for ntor
|
|
- Add test vectors for relay crypto
|
|
- Add test vectors for hs-ntor
|
|
- Add test vectors for hs-relay crypto
|
|
- Add test vectors for TAP
|
|
- Clarity
|
|
- END cell format
|
|
- Directory consistency
|
|
- "-----BEGIN" should not be a valid keyword
|
|
- Whitespace at start of line, y/n? Mixed whitespace, y/n? CR, y/n?
|
|
- UTF-8.
|
|
|
|
|
|
PROBABLY NEVER:
|
|
- TAP
|
|
- Link protocols before 4.
|
|
- Older consensus methods
|
|
|
|
|