finish first round of polishing. whew.
Roger Dingledine

Roger Dingledine commited on 2008-03-12 01:32:09
Zeige 1 geänderte Dateien mit 160 Einfügungen und 100 Löschungen.

... ...
@@ -95,7 +95,7 @@ Farsi translations, for the many Tor users in censored areas.</li>
95 95
 <p>
96 96
 You may find some of these projects to be good <a href="<page
97 97
 gsoc>">Google Summer of Code 2008</a> ideas. We have labelled each idea
98
-with how important it is to the overall Tor project to get this started
98
+with how useful it would be to the overall Tor project
99 99
 (priority), how much work we expect it would be (effort level), how much
100 100
 clue you should start with (skill level), and which of our <a href="<page
101 101
 people>#Core">core developers</a> would be good mentors.
... ...
@@ -114,7 +114,7 @@ Skill Level: <i>High</i>
114 114
 <br />
115 115
 Likely Mentors: <i>Matt, Jacob</i>
116 116
 <br />
117
-We're in need of a good updating framework. 
117
+We're in need of a good authenticated-update framework.
118 118
 Vidalia already has the ability to notice when the user is running an
119 119
 outdated or unrecommended version of Tor, using signed statements inside
120 120
 the Tor directory information. Currently, Vidalia simply pops
... ...
@@ -138,7 +138,7 @@ an existing one) and test it.
138 138
 <br />
139 139
 A student undertaking this project should have good C++ development
140 140
 experience. Previous experience with Qt is helpful, but not required. The
141
-student should also have a basic understanding of common security
141
+student should also have a good understanding of common security
142 142
 practices, such as package signature verification. Good writing ability
143 143
 is also important for this project, since a vital step of the project
144 144
 will be producing a design document for others to review and discuss
... ...
@@ -220,7 +220,8 @@ to be able to change Tor's configuration (torrc) even though it is
220 220
 located in <code>/etc/tor/torrc</code> and thus immutable. The best
221 221
 idea we've come up with so far is to feed Tor a new configuration via
222 222
 the ControlSocket when Vidalia starts, but that's bad because Tor starts
223
-with a different configuration than the user wants. The second best idea
223
+each boot with a different configuration than the user wants. The second
224
+best idea
224 225
 we've come up with is for Vidalia to write out a temporary torrc file
225 226
 and ask the user to manually move it to <code>/etc/tor/torrc</code>,
226 227
 but that's bad because users shouldn't have to mess with files directly.
... ...
@@ -242,8 +243,8 @@ Skill Level: <i>Medium</i>
242 243
 Likely Mentors: <i>Matt, Roger</i>
243 244
 <br />
244 245
 There are a number of status changes inside Tor of which the user may need
245
-to be informed. For example, if the user is trying to set up a Tor
246
-relay and Tor decides the user's relay is not reachable from outside
246
+to be informed. For example, if the user is trying to set up his Tor as a
247
+relay and Tor decides that its ports are not reachable from outside
247 248
 the user's network, we should alert the user. Currently, all the user
248 249
 gets is a couple log messages in Vidalia's 'message log' window, which they
249 250
 likely never see since they don't receive a notification that something
... ...
@@ -274,7 +275,7 @@ design/Photoshop fu, since we might want/need some shiny new icons too.
274 275
 </li>
275 276
 
276 277
 <li>
277
-<b>A Translation Wiki</b>
278
+<b>Translation Wiki</b>
278 279
 <br />
279 280
 Priority: <i>High</i>
280 281
 <br />
... ...
@@ -284,24 +285,28 @@ Skill Level: <i>Medium</i>
284 285
 <br />
285 286
 Likely Mentors: <i>Jacob</i>
286 287
 <br />
287
-We need a way to edit and translate sections of the website &mdash;
288
-possibly resulting in a patch for the official svn tree. The current
289
-"cost" of publication of website changes is quite high even for English
290
-language users. They need to check out our template files, translate them,
291
-and send us the translation. For a single word change or any type of
288
+We need a way to edit and translate sections of the website. Currently
289
+the website is made up of a bunch of <a href="<svnsandbox>website/en/">wml
290
+files</a>, and <a href="<page translation>">translators</a> fetch these
291
+wml files, translate them in an editor, and either send us the translation
292
+or use svn to commit them back. The current "cost" of publication of
293
+website changes is quite high even for English language users. For a
294
+single word change or any type of
292 295
 minor change, the page may never be corrected or translated.  It would
293 296
 be nice to have a wiki that was specifically geared towards translation
294 297
 and would somehow track the upstream (English) versions to indicate when
295
-a fresh translation is needed. This seems mostly like a job for a wiki
298
+a fresh translation is needed, like our current
299
+<a href="<page translation-status>">translation status page</a>. This
300
+seems mostly like a job for a wiki
296 301
 integrator or wiki software author. Certainly the person would need to
297 302
 be interested in human languages and translation. They should at least
298
-be minimally familiar with what Tor is but would not have to interact
299
-with the software, only the documentation on the website.
303
+be minimally familiar with what Tor is; but they would not have to interact
304
+with the software, only the documentation and the website.
300 305
 </li>
301 306
 
302 307
 <li>
303 308
 <b>Improvements on our active browser configuration tester</b> - 
304
-<a href="https://check.torproject.org">https://check.torproject.org</a>
309
+<a href="https://check.torproject.org/">https://check.torproject.org/</a>
305 310
 <br />
306 311
 Priority: <i>Medium</i>
307 312
 <br />
... ...
@@ -309,24 +314,30 @@ Effort Level: <i>Low</i>
309 314
 <br />
310 315
 Skill Level: <i>Low to Medium</i>
311 316
 <br />
312
-Likely Mentors: <i>Jacob</i>
317
+Likely Mentors: <i>Jacob, Steven</i>
313 318
 <br />
314 319
 We currently have a functional web page to detect if Tor is working. It
315 320
 is has a few places where it falls short. It requires improvements with
316 321
 regard to default languages and functionality. It currently only responds
317 322
 in English. In addition, it is a hack of a perl script that should have
318 323
 never seen the light of day. It should probably be rewritten in python
319
-with multi-lingual support in mind. It currently uses the Tor DNS exit
320
-list and should continue to do so in the future. It may result in certain
324
+with multi-lingual support in mind. It currently uses the <a
325
+href="http://exitlist.torproject.org/">Tor DNS exit list</a>
326
+and should continue to do so in the future. It currently result in certain
321 327
 false positives and these should be discovered, documented, and fixed
322 328
 where possible. Anyone working on this project should be interested in
323 329
 DNS, basic perl or preferably python programming skills and will have
324 330
 to interact minimally with Tor to test their code.
331
+<br />
332
+If you want to make the project more exciting
333
+and involve more design and coding, take a look at <a
334
+href="<svnsandbox>doc/spec/proposals/131-verify-tor-usage.txt">proposal
335
+131-verify-tor-usage.txt</a>.
325 336
 </li>
326 337
 
327 338
 <li>
328 339
 <b>Improvements on our DNS Exit List service</b> - 
329
-<a href="http://exitlist.torproject.org">http://exitlist.torproject.org</a>
340
+<a href="http://exitlist.torproject.org/">http://exitlist.torproject.org/</a>
330 341
 <br />
331 342
 Priority: <i>Medium</i>
332 343
 <br />
... ...
@@ -336,10 +347,11 @@ Skill Level: <i>Low</i>
336 347
 <br />
337 348
 Likely Mentors: <i>Jacob, Tup</i>
338 349
 <br />
339
-The exitlist software is written by our fabulous anonymous
350
+The <a href="http://p56soo2ibjkx23xo.onion/">exitlist software</a>
351
+is written by our fabulous anonymous
340 352
 contributer Tup. It's a DNS server written in Haskell that supports part of our <a
341 353
 href="https://www.torproject.org/svn/trunk/doc/contrib/torel-design.txt">exitlist
342
-design document</a>. Currently, it's functional and it is used by
354
+design document</a>. Currently, it is functional and it is used by
343 355
 check.torproject.org and other users. The issues that are outstanding
344 356
 are mostly aesthetic. This wonderful service could use a much better
345 357
 website using the common Tor theme. It would be best served with better
... ...
@@ -361,24 +373,26 @@ Effort Level: <i>Medium</i>
361 373
 <br />
362 374
 Skill Level: <i>Medium</i>
363 375
 <br />
364
-Likely Mentors: <i>Jacob, Mike</i>
376
+Likely Mentors: <i>Jacob, Mike, Greg</i>
365 377
 <br />
366
-The Tor project currently lacks a solid test to ensure that a
367
-user has a properly configured web browser. It should test for as
378
+The Tor project currently lacks a solid test suite to ensure that a
379
+user has a properly and safely configured web browser. It should test for as
368 380
 many known issues as possible. It should attempt to decloak the
369 381
 user in any way possible.  Two current webpages that track these
370
-kinds of issues are run by Greg and HD Moore. Greg keeps a nice <a
382
+kinds of issues are run by Greg Fleischer and HD Moore. Greg keeps a nice <a
371 383
 href="http://pseudo-flaw.net/tor/torbutton/">list of issues along
372 384
 with their proof of concept code, bug issues, etc</a>. HD Moore runs
373 385
 the <a href="http://metasploit.com/research/projects/decloak/">metasploit
374
-decloak website</a>. A person interested in attacking Tor could start
386
+decloak website</a>. A student interested in defending Tor could start
375 387
 by collecting as many workable and known methods for decloaking a
376
-Tor user. The person should be familiar with the common pitfalls but
388
+Tor user. (<a href="https://torcheck.xenobite.eu/">This page</a> may
389
+be helpful as a start.) The student should be familiar with the common
390
+pitfalls but
377 391
 possibly have new methods in mind for implementing decloaking issues. The
378 392
 website should ensure that it tells a user what their problem is. It
379 393
 should help them to fix the problem or direct them to the proper support
380
-channels. The person should be closely familiar with using Tor and how
381
-to prevent Tor leakage.
394
+channels. The student should be closely familiar with using Tor and how
395
+to prevent Tor information leakage.
382 396
 </li>
383 397
 
384 398
 <li>
... ...
@@ -388,15 +402,25 @@ Priority: <i>High</i>
388 402
 <br />
389 403
 Effort Level: <i>High</i>
390 404
 <br />
391
-Skill Level: <i>Medium to High</i>
405
+Skill Level: <i>High</i>
392 406
 <br />
393
-Likely Mentors: <i>Roger</i>
407
+Likely Mentors: <i>Nick</i>
394 408
 <br />
395 409
 Tor needs even better censorship resistance mechanisms.  There are
396
-several mechanisms that can help.  Tor should be able listen on multiple
397
-addresses and ports, and allow clients to connect to all of them.
398
-Tor should be able to appear like a webserver (HTTP or HTTPS) when
399
-contacted by port-scanning tools.
410
+several mechanisms that can help.  Tor should be able to
411
+<a href="<svnsandbox>doc/spec/proposals/118-multiple-orports.txt">listen
412
+on multiple
413
+addresses and ports</a>, and allow clients to connect to all of them.
414
+Tor relays and
415
+<a href="<svnsandbox>doc/spec/proposals/125-bridges.txt">Tor bridges</a>
416
+should be able to
417
+<a href="<svnsandbox>doc/design-paper/blocking.html#tth_sEc9.3">appear like
418
+a webserver</a> (HTTP or HTTPS) when contacted by port-scanning tools.
419
+<br />
420
+This project involves a lot of research and design. One of the big
421
+challenges will be identifying and crafting approaches that can still
422
+resist an adversary even after the adversary knows the design, and
423
+then trading off censorship resistance with usability and robustness.
400 424
 </li>
401 425
 
402 426
 <li>
... ...
@@ -413,7 +437,7 @@ Likely Mentors: <i>Nick</i>
413 437
 Tor should make better use of the more recent features of Niels Provos's
414 438
 Libevent library.  Libevent already provides HTTP and socket buffers;
415 439
 Tor's code for those could be replaced.  We'll need to improve libevent's
416
-code as needed; particularly, to add good openssl support on top of
440
+code as needed &mdash; in particular to add good openssl support on top of
417 441
 libevent's buffer abstraction.
418 442
 </li>
419 443
 
... ...
@@ -426,7 +450,7 @@ Effort Level: <i>Medium</i>
426 450
 <br />
427 451
 Skill Level: <i>Medium to High</i>
428 452
 <br />
429
-Likely Mentors: <i>Roger</i>
453
+Likely Mentors: <i>Nick, Roger, Mike</i>
430 454
 <br />
431 455
 Tor should possibly measure bandwidth in a distributed way, as in the
432 456
 <a href="http://freehaven.net/anonbib/">"A Tuneup for Tor"</a> paper
... ...
@@ -437,6 +461,7 @@ into the Tor network without adding undesirable n^2 traffic properties
437 461
 at the directory authorities.
438 462
 </li>
439 463
 
464
+<!--
440 465
 <li>
441 466
 <b>Improving the Tor QA process: Continuous Integration for Windows builds</b>
442 467
 <br />
... ...
@@ -470,8 +495,9 @@ our regular integration and compile testing already,
470 495
 but we need to get our network simulation tests (as built in torflow)
471 496
 updated for more recent versions of Tor, and designed to launch a test
472 497
 network either on a single machine, or across several, so we can test
473
-changes in performance on machines in different roles automatically.<br />
498
+changes in performance on machines in different roles automatically.
474 499
 </li>
500
+-->
475 501
 
476 502
 <li>
477 503
 <b>Improve our unit testing process</b>
... ...
@@ -488,18 +514,20 @@ Tor needs to be far more tested.  This is a multi-part effort.  To start
488 514
 with, our unit test coverage should rise substantially, especially in
489 515
 the areas outside the utility functions.  This will require significant
490 516
 refactoring of some parts of Tor, in order to dissociate as much logic
491
-as possible from globals.<br />
517
+as possible from globals.
518
+<br />
492 519
 Additionally, we need to automate our performance testing.  We've got
493
-buildbot (except on Windows &mdash; see above) to automate our regular 
494
-integration and compile testing already,
495
-but we need to get our network simulation tests (as built in torflow)
520
+buildbot to automate our regular integration and compile testing already
521
+(though we need somebody to set it up on Windows),
522
+but we need to get our network simulation tests (as built in TorFlow: see
523
+the "Tor Node Scanner improvements" item)
496 524
 updated for more recent versions of Tor, and designed to launch a test
497 525
 network either on a single machine, or across several, so we can test
498
-changes in performance on machines in different roles automatically.<br />
526
+changes in performance on machines in different roles automatically.
499 527
 </li>
500 528
 
501 529
 <li>
502
-<b>Help revive the Java community around Tor</b>
530
+<b>Help revive an independent Tor client implementation</b>
503 531
 <br />
504 532
 Priority: <i>Medium</i>
505 533
 <br />
... ...
@@ -507,7 +535,7 @@ Effort Level: <i>High</i>
507 535
 <br />
508 536
 Skill Level: <i>Medium to High</i>
509 537
 <br />
510
-Likely Mentors: <i>Karsten</i>
538
+Likely Mentors: <i>Karsten, Nick</i>
511 539
 <br />
512 540
 Reanimate one of the approaches to implement a Tor client in Java,
513 541
 e.g. the <a href="http://onioncoffee.sourceforge.net/">OnionCoffee
... ...
@@ -517,8 +545,9 @@ would be to port the existing code and execute it in an Android
517 545
 environment. Next, the code should be updated to support the newer Tor
518 546
 protocol versions like the <a href="<svnsandbox>doc/spec/dir-spec.txt">v3
519 547
 directory protocol</a>. Further, support for requesting or even
520
-providing Tor hidden services would be neat, but not required. The
521
-student should be able to understand and write new Java code, including
548
+providing Tor hidden services would be neat, but not required.
549
+<br />
550
+The student should be able to understand and write new Java code, including
522 551
 a Java cryptography API. Being able to read C code would be helpful,
523 552
 too. The student should be willing to read the existing documentation,
524 553
 implement code based on it, and refine the documentation
... ...
@@ -527,7 +556,7 @@ to a small degree about design.
527 556
 </li>
528 557
 
529 558
 <li>
530
-<b>Become the PuppeTor Master</b>
559
+<b>Automatic system tests and automatically starting private Tor networks</b>
531 560
 <br />
532 561
 Priority: <i>Medium</i>
533 562
 <br />
... ...
@@ -535,7 +564,7 @@ Effort Level: <i>Medium</i>
535 564
 <br />
536 565
 Skill Level: <i>Medium</i>
537 566
 <br />
538
-Likely Mentors: <i>Karsten, Roger</i>
567
+Likely Mentors: <i>Karsten, Nick, Roger</i>
539 568
 <br />
540 569
 Write a tool that runs automatic system tests in addition
541 570
 to the existing unit tests. The Java-based Tor simulator <a
... ...
@@ -546,9 +575,11 @@ project requires to conceive a blueprint for performing system tests
546 575
 of private Tor networks, before starting to code. Typical types of
547 576
 tests range from performing single requests over the private network to
548 577
 manipulating exchanged messages and see if nodes handle corrupt messages
549
-appropriately. The student should be able to obtain a good understanding
578
+appropriately.
579
+<br />
580
+The student should be able to obtain a good understanding
550 581
 of how Tor works and what problems and bugs could arise to design good
551
-test cases. Understanding the existing Tor code and documentation is
582
+test cases. Understanding the existing Tor code structure and documentation is
552 583
 vital. If PuppeTor is used, the student should also be able to understand
553 584
 and possibly extend an existing Java application. This project is partly
554 585
 about design and partly about coding.
... ...
@@ -571,13 +602,14 @@ to monitor a local Tor relay via its control port and include useful
571 602
 system information of the underlying machine. When running this tool, it
572 603
 would dynamically update its content like top does for Linux processes.
573 604
 <a href="http://archives.seul.org/or/dev/Jan-2008/msg00005.html">This
574
-or-dev post</a> might be a good first read. The student should be familiar
605
+or-dev post</a> might be a good first read.
606
+<br />
607
+The student should be familiar
575 608
 with or willing to learn about administering a Tor relay and configuring
576 609
 it via its control port. As an initial prototype is written in Python,
577 610
 some knowledge about writing Python code would be helpful, too. This
578
-project is for the one part about identifying requirements to such a
579
-tool and designing its interface; but on the other part, the project
580
-also requires a lot of coding.
611
+project is one part about identifying requirements to such a
612
+tool and designing its interface, and one part lots of coding.
581 613
 </li>
582 614
 
583 615
 <li>
... ...
@@ -589,10 +621,13 @@ Effort Level: <i>High</i>
589 621
 <br />
590 622
 Skill Level: <i>High</i>
591 623
 <br />
592
-Likely Mentors: <i>Mike Perry</i>
624
+Likely Mentors: <i>Mike</i>
593 625
 <br />
594 626
 The Tor exit node scanner 'SoaT', part of the <a
595
-href="https://www.torproject.org/svn/torflow/">Torflow project</a>, is
627
+href="<svnsandbox>torflow/">Torflow project</a>, makes connections out
628
+of each Tor exit node and compares the content it gets back with what it
629
+"should" get back. The goal is to notice misconfigured, broken, and even
630
+malicious exit relays. Alas, the code is
596 631
 currently written in rather rickety perl and relies on MD5sums of
597 632
 entire documents in order to determine if exit nodes are modifying
598 633
 content. The problem with this is threefold: 1) Perl sucks at life.
... ...
@@ -602,8 +637,8 @@ Pages change after a while (or based on GeoIP) and begin generating
602 637
 false positives.
603 638
 <br />
604 639
 Ideally, soat.pl would be reimplemented in a sane language with a
605
-robust html parser library (since the rest of Torflow is in Python,
606
-that would be nice, but not required), and calculate signatures only for
640
+robust html parser library (since the rest of Torflow is in Python
641
+that would be nice, but it is not required), and calculate signatures only for
607 642
 tags and content likely to be targeted by a malicious attacker (script
608 643
 tags, object links, images, css). It should also be robust in the face of
609 644
 changes to content outside of Tor, and ultimately even GeoIP localized
... ...
@@ -617,18 +653,18 @@ setting.
617 653
 <li>
618 654
 <b>Tor Node Scanner improvements</b>
619 655
 <br />
620
-Priority: <i>Medium</i>
656
+Priority: <i>High</i>
621 657
 <br />
622 658
 Effort Level: <i>Medium to High</i>
623 659
 <br />
624 660
 Skill Level: <i>Medium to High</i>
625 661
 <br />
626
-Likely Mentors: <i>Mike Perry</i>
662
+Likely Mentors: <i>Mike</i>
627 663
 <br />
628 664
 Similar to the exit scanner (or perhaps even during exit scanning),
629 665
 statistics can be gathered about the reliability of nodes. Nodes that
630
-fail a certain percentage of their circuits should not be used for
631
-Guard status, and perhaps should have their reported bandwidth
666
+fail too high a percentage of their circuits should not be given
667
+Guard status. Perhaps they should have their reported bandwidth
632 668
 penalized by some ratio as well, or just get marked as Invalid. In
633 669
 addition, nodes that exhibit a very low average stream capacity but
634 670
 advertise a very high node bandwidth can also be marked as Invalid.
... ...
@@ -641,13 +677,43 @@ In addition, these same statistics can be gathered about the traffic
641 677
 through a node. Events can be added to the <a
642 678
 href="https://www.torproject.org/svn/torctl/doc/howto.txt">Tor Control
643 679
 Protocol</a> to
644
-report if a circuit extend through the node succeeds or fails, and
680
+report if a circuit extend attempt through the node succeeds or fails, and
645 681
 passive statistics can be gathered on both bandwidth and reliability
646 682
 of other nodes via a node-based monitor using these events. Such a
647 683
 scanner would also report information on oddly-behaving nodes to
648 684
 the Directory Authorities, but a communication channel for this
649 685
 currently does not exist and would need to be developed as well.
650 686
 </li>
687
+
688
+<li>
689
+<b>Help track the overall Tor Network status</b>
690
+<br />
691
+Priority: <i>High</i>
692
+<br />
693
+Effort Level: <i>Medium</i>
694
+<br />
695
+Skill Level: <i>Medium</i>
696
+<br />
697
+Likely Mentors: <i>Roger, Nick, Mike</i>
698
+<br />
699
+It would be great to set up an automated system for tracking network
700
+health over time, graphing it, etc. Part of this project would involve
701
+inventing better metrics for assessing network health and growth. Is the
702
+average uptime of the network increasing? How many relays are qualifying
703
+for Guard status this month compared to last month? What's the turnover
704
+in terms of new relays showing up and relays shutting off? Periodically
705
+people collect brief snapshots, but where it gets really interesting is
706
+when we start tracking data points over time.
707
+<br />
708
+Data could be collected from the "Tor Node Scanner" item above, from
709
+the server descriptors that each relay publishes, and from other
710
+sources. Results over time could be integrated into one of the <a
711
+href="https://torstatus.blutmagie.de/">Tor Status</a> web pages, or be
712
+kept separate. Speaking of the Tor Status pages, take a look at Roger's
713
+<a href="http://archives.seul.org/or/talk/Jan-2008/msg00300.html">Tor
714
+Status wish list</a>.
715
+</li>
716
+
651 717
 <li>
652 718
 <b>Tor path selection improvements</b>
653 719
 <br />
... ...
@@ -664,8 +730,9 @@ improve Tor speed. For instance, some of the (unofficial) <a
664 730
 href="http://wiki.noreply.org/noreply/TheOnionRouter/FireFoxTorPerf">Tor
665 731
 Performance Recommendations</a> on the wiki are to increase the number of
666 732
 guards and decrease the CircuitBuildTimeout. Ideally, the client would
667
-learn these values by gathering statistics on circuit construction
668
-time (and/or using values gained from Torflow), and set the timeouts
733
+<a href="http://archives.seul.org/or/talk/Feb-2008/msg00012.html">learn
734
+these values by gathering statistics on circuit construction
735
+time</a> (and/or using values gained from Torflow), and set the timeouts
669 736
 low enough such that some high percentile (75%, 90%, 1-stddev?) of
670 737
 circuits succeed, yet extremely slow nodes are avoided. This would
671 738
 involve some statistics gathering+basic research, and some changes to 
... ...
@@ -675,11 +742,14 @@ In addition, to improve path security, some elements from the <a
675 742
 href="http://www.torproject.org/svn/trunk/doc/spec/proposals/115-two-hop-paths.txt">Two
676 743
 Hop Paths proposal</a> could be done as part of this (since it will
677 744
 likely touch the same code anyways), regardless of the adoption of
678
-that proposal. In particular, clients probably should avoid guards that seem to
679
-fail an excessive percentage of their circuits through them, and non-bridged
680
-clients should issue a warn if they are only able to connect to a limited set
681
-of guard nodes.
745
+that proposal. In particular, clients probably should avoid guards that
746
+seem to fail an excessive percentage of their circuits through them,
747
+and non-firewalled clients should issue a warning if they are only able
748
+to connect to a limited set of guard nodes. See also
749
+<a href="http://archives.seul.org/or/dev/Feb-2008/msg00003.html">this
750
+or-dev post</a>.
682 751
 </li>
752
+
683 753
 <li>
684 754
 <b>Torbutton improvements</b>
685 755
 <br />
... ...
@@ -689,9 +759,8 @@ Effort Level: <i>High</i>
689 759
 <br />
690 760
 Skill Level: <i>High</i>
691 761
 <br />
692
-Likely Mentors: <i>Mike Perry</i>
762
+Likely Mentors: <i>Mike</i>
693 763
 <br/>
694
-
695 764
 Torbutton has a number of improvements that can be made in the post-1.2
696 765
 timeframe. Most of these are documented as feature requests in the <a
697 766
 href="https://bugs.torproject.org/flyspray/index.php?tasks=all&project=5">Torbutton
... ...
@@ -708,33 +775,24 @@ else you might think of.
708 775
 This work would be independent coding in Javascript and the fun world of <a
709 776
 href="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">XUL</a>,
710 777
 with not too much involvement in the Tor internals.
711
-
712
-</li>
713
-<li>
714
-<b>Help track the overall Tor Network status</b>
715
-Torstatus. Set up an automated system for tracking network health
716
-over time, graphing it, etc. Better metrics for assessing network
717
-health and growth. Make it short and simple. Unbloated and easy to audit.
718 778
 </li>
719 779
 
720
-<li>vidalia and upnp</li>
721
-<li>nymble</li>
722
-
723 780
 <li>
724 781
 <b>Porting Polipo to Windows</b>
725 782
 <br />
726
-Priority: <i>High</i>
783
+Priority: <i>Medium</i>
727 784
 <br />
728
-Effort Level: <i>High</i>
785
+Effort Level: <i>Medium</i>
729 786
 <br />
730 787
 Skill Level: <i>Medium to High</i>
731 788
 <br />
732
-Likely Mentors: <i>Steven, Roger</i>
789
+Likely Mentors: <i>Andrew, Steven, Roger</i>
733 790
 <br />
734 791
 Help port <a
735 792
 href="http://www.pps.jussieu.fr/~jch/software/polipo/">Polipo</a> to
736
-Windows. 1) handle spaces in path names and understand the filesystem
737
-namespace &mdash; namespace meaning where application data, personal data,
793
+Windows. Example topics to tackle include:
794
+1) handle spaces in path names and understand the filesystem
795
+namespace &mdash; that is, where application data, personal data,
738 796
 and program data typically reside in various versions of Windows. 2) the
739 797
 ability to handle ipv6 communications. 3) the ability to asynchronously
740 798
 query name servers, find the system nameservers, and manage netbios
... ...
@@ -749,7 +807,7 @@ menu options. Double bonus if it's cross-platform compatible.
749 807
 <li>
750 808
 <b>Make our diagrams beautiful and automated</b>
751 809
 <br />
752
-Priority: <i>High</i>
810
+Priority: <i>Medium</i>
753 811
 <br />
754 812
 Effort Level: <i>Low</i>
755 813
 <br />
... ...
@@ -757,10 +815,13 @@ Skill Level: <i>Low</i>
757 815
 <br />
758 816
 Likely Mentors: <i>Andrew</i>
759 817
 <br />
760
-a way to generate the website diagrams from source, so we can translate
761
-them as utf-8 text rather than with gimp. (svg? or imagemagick?)
762
-integrate this with a wml file so translations are easy and images are
763
-generated in multiple languages at web publish
818
+We need a way to generate the website diagrams (for example, the "How
819
+Tor Works" pictures on the <a href="<page overview>">overview page</a>
820
+from source, so we can translate them as UTF-8 text rather than edit
821
+them by hand with Gimp. We might want to
822
+integrate this as an wml file so translations are easy and images are
823
+generated in multiple languages whenever we build the website. See the
824
+"Translation Wiki" idea above.
764 825
 </li>
765 826
 
766 827
 <li>
... ...
@@ -776,19 +837,17 @@ Likely Mentors: <i>Anonym, Jacob, Roger</i>
776 837
 <br />
777 838
 How can we make the <a
778 839
 href="http://anonymityanywhere.com/incognito/">Incognito LiveCD</a>
779
-easier to maintain, improve, and document?</li>
780
-<li>We need a distributed testing framework. We have unit tests,
781
-but it would be great to have a script that starts up a Tor network, uses
782
-it for a while, and verifies that at least parts of it are working.</li>
840
+easier to maintain, improve, and document?
841
+</li>
783 842
 
784 843
 <li>
785 844
 <b>Bring up new ideas!</b>
786 845
 <br />
787 846
 Don't like any of these? Look at the <a
788 847
 href="<svnsandbox>doc/design-paper/roadmap-future.pdf">Tor development
789
-roadmap</a> for more ideas.<br /><br />
790
-Don't see your idea here? We probably need it anyway! Contact
791
-us and find out.</li>
848
+roadmap</a> for more ideas.
849
+</li>
850
+
792 851
 </ol>
793 852
 
794 853
 <h2><a class="anchor" href="#Coding">Coding and Design</a></h2>
795 854