summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* Make pluggable-transports-through-proxy.txt into proposal 232Nick Mathewson2014-04-14
|
* Proposal 231: Migrating authority RSA1024 identity keysNick Mathewson2014-04-08
|
* fix typo and reindexNick Mathewson2014-04-08
|
* Merge branch 'rsa1024_migrate'Nick Mathewson2014-04-08
|\
| * Give the rsa1024-relay-id-migration.txt proposal a numberNick Mathewson2014-04-08
| |
| * spellingNick Mathewson2014-04-07
| |
| * Draft proposal for how to migrate a bunch of router identity keysNick Mathewson2014-04-07
| | | | | | | | We might decide to do this as part of a CVE-2014-0160 response.
* | document new exit-policy/* GETINFOsNick Mathewson2014-04-08
| |
* | Document new PT_MISSING reason for ending an OR_CONNNick Mathewson2014-04-07
| | | | | | | | (See #9665 for more background.)
* | Document that rend-spec.txt uses KDF-Tor like TAP doesNick Mathewson2014-03-27
| | | | | | | | Fix for #8809
* | put a timestamp on nickm's proposal status documentRoger Dingledine2014-03-13
| |
* | mention ipv6 addresses in net/listeners/* docNick Mathewson2014-03-12
| |
* | Clarifying the output of tor's "GETINFO net/listeners/*" optionsDamian Johnson2014-03-12
| | | | | | | | | | | | | | The control spec didn't fully describe the output of these GETINFO options. This addresses... https://trac.torproject.org/11049
* | clarifications in proposal 224 based on questions from GeorgeNick Mathewson2014-03-07
| |
* | Merge remote-tracking branch 'karsten/bug8913'Nick Mathewson2014-03-05
|\ \ | |/ |/|
| * Remove now obsolete backward compatibility and migration plans.Karsten Loesing2014-02-08
| |
| * V2Dir really means version 2 or higher.Karsten Loesing2014-02-08
| |
| * Stop pretending that v2 directories are a thingNick Mathewson2014-02-07
| |
* | Defang TLS UKS attacks in tor-spec.txtNick Mathewson2014-03-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Our implementations disable session resumption, and don't send AUTHENTICATE before checking CERTS. It turns out that these are pretty important: see discussion of "triple handshake" and related UKS-enabled attacks at https://lists.torproject.org/pipermail/tor-dev/2014-March/006372.html Basically, session resumption plus renegotiation enables the triple- handshake attack. And sending an AUTHENTICATE cell before checking the CERTS cell would lead to sending the wrong SID field in the AUTHENTICATE cell, which would whittle our defense there even further.
* | Fix a couple of unfinished sentencesNick Mathewson2014-03-03
| |
* | Bring proposal-status.txt up to dateNick Mathewson2014-02-28
| | | | | | | | This is the version I'm sending out today.
* | Put proposal-status under version control. some edits have happened since ↵Nick Mathewson2014-02-28
| | | | | | | | december.
* | prop229: another questionNick Mathewson2014-02-28
| |
* | prop229: more changelogNick Mathewson2014-02-28
| |
* | Add some questions to proposal 229Nick Mathewson2014-02-28
| |
* | make proposal 229 a little more terse; add a meta-MUSTNick Mathewson2014-02-28
| |
* | Fix spelling, expand UNAME->USERNAMENick Mathewson2014-02-28
| |
* | Add socks5 extensions as proposal 229Nick Mathewson2014-02-28
| |
* | Expand an unfinished sentence into a paragraph. Caught by grarpamp.Nick Mathewson2014-02-26
| |
* | Merge remote-tracking branch 'public/bug10449'Nick Mathewson2014-02-25
|\ \
| * | Describe revised TAKEOWNERSHIP shutdown behaviorNick Mathewson2014-02-03
| |/
* | Actually add proposal 228: cross-certifying identity keys with onion keysNick Mathewson2014-02-25
| |
* | Add proposal 228: cross-certifying identity keys with onion keysNick Mathewson2014-02-25
| |
* | socks-extensions: we do not in fact ignore usernamesNick Mathewson2014-02-25
| |
* | Update the indexNick Mathewson2014-02-24
| |
* | Merge remote-tracking branch 'karsten/prop147reject'Nick Mathewson2014-02-24
|\ \
| * | Make it clearer that authorities scan other votes.Karsten Loesing2014-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | See git commits 2e692bd8 and eaf5487d, which went into 0.2.2.12-alpha: o Major bugfixes: - Many relays have been falling out of the consensus lately because not enough authorities know about their descriptor for them to get a majority of votes. When we deprecated the v2 directory protocol, we got rid of the only way that v3 authorities can hear from each other about other descriptors. Now authorities examine every v3 vote for new descriptors, and fetch them from that authority. Bugfix on 0.2.1.23. Section 3.6 already says this implicitly when specifying how authorities download missing router descriptors, but that doesn't mean we can't also make it more explicit when specifying how authorities exchange votes.
| * | Reject proposal 147, and give reasons for doing so.Karsten Loesing2014-01-28
| | |
* | | Merge remote-tracking branch 'linus/prop220-nits'Nick Mathewson2014-02-24
|\ \ \ | | | | | | | | | | | | | | | | Conflicts: proposals/220-ecc-id-keys.txt
| * | | Typos.Linus Nordberg2014-02-20
| | | |
* | | | tor-spec: link versions above 3 exist. (see sec 4.1)Nick Mathewson2014-02-20
| | | |
* | | | Use new prop220 cert format in prop224.Nick Mathewson2014-02-20
| | | |
* | | | Revise 220 to use a unified certificate formatNick Mathewson2014-02-20
|/ / /
* | | Add 227-vote-on-package-fingerprints.txtNick Mathewson2014-02-14
| | |
* | | ticket 9934 says DROPGUARDS is going into 0.2.5.2-alphaRoger Dingledine2014-02-11
| | |
* | | Note 10365-change in spec.Nick Mathewson2014-02-11
| |/ |/|
* | Merge remote-tracking branch 'houqp/hs_spec'Nick Mathewson2014-02-03
|\ \
| * | add hidden service descriptor asynchronous eventsQingping Hou2014-01-29
| |/
* | fix some typos on proposal 220Roger Dingledine2014-02-02
| |
* | Give proposal 226 a numberNick Mathewson2014-01-30
| |
generated by cgit v1.2.1 (git 2.18.0) at 2024-02-08 08:06:15 +0000