finish first round of polishing. whew. (758bd9b2f) - tor-webwml.git

en/volunteer.wml
@@ -95,7 +95,7 @@ Farsi translations, for the many Tor users in censored areas.</li>
 <p>
 You may find some of these projects to be good <a href="<page
 gsoc>">Google Summer of Code 2008</a> ideas. We have labelled each idea
-with how important it is to the overall Tor project to get this started
+with how useful it would be to the overall Tor project
 (priority), how much work we expect it would be (effort level), how much
 clue you should start with (skill level), and which of our <a href="<page
 people>#Core">core developers</a> would be good mentors.
@@ -114,7 +114,7 @@ Skill Level: <i>High</i>
 <br />
 Likely Mentors: <i>Matt, Jacob</i>
 <br />
-We're in need of a good updating framework. 
+We're in need of a good authenticated-update framework.
 Vidalia already has the ability to notice when the user is running an
 outdated or unrecommended version of Tor, using signed statements inside
 the Tor directory information. Currently, Vidalia simply pops
@@ -138,7 +138,7 @@ an existing one) and test it.
 <br />
 A student undertaking this project should have good C++ development
 experience. Previous experience with Qt is helpful, but not required. The
-student should also have a basic understanding of common security
+student should also have a good understanding of common security
 practices, such as package signature verification. Good writing ability
 is also important for this project, since a vital step of the project
 will be producing a design document for others to review and discuss
@@ -220,7 +220,8 @@ to be able to change Tor's configuration (torrc) even though it is
 located in <code>/etc/tor/torrc</code> and thus immutable. The best
 idea we've come up with so far is to feed Tor a new configuration via
 the ControlSocket when Vidalia starts, but that's bad because Tor starts
-with a different configuration than the user wants. The second best idea
+each boot with a different configuration than the user wants. The second
+best idea
 we've come up with is for Vidalia to write out a temporary torrc file
 and ask the user to manually move it to <code>/etc/tor/torrc</code>,
 but that's bad because users shouldn't have to mess with files directly.
@@ -242,8 +243,8 @@ Skill Level: <i>Medium</i>
 Likely Mentors: <i>Matt, Roger</i>
 <br />
 There are a number of status changes inside Tor of which the user may need
-to be informed. For example, if the user is trying to set up a Tor
-relay and Tor decides the user's relay is not reachable from outside
+to be informed. For example, if the user is trying to set up his Tor as a
+relay and Tor decides that its ports are not reachable from outside
 the user's network, we should alert the user. Currently, all the user
 gets is a couple log messages in Vidalia's 'message log' window, which they
 likely never see since they don't receive a notification that something
@@ -274,7 +275,7 @@ design/Photoshop fu, since we might want/need some shiny new icons too.
 </li>
 
 <li>
-<b>A Translation Wiki</b>
+<b>Translation Wiki</b>
 <br />
 Priority: <i>High</i>
 <br />
@@ -284,24 +285,28 @@ Skill Level: <i>Medium</i>
 <br />
 Likely Mentors: <i>Jacob</i>
 <br />
-We need a way to edit and translate sections of the website &mdash;
-possibly resulting in a patch for the official svn tree. The current
-"cost" of publication of website changes is quite high even for English
-language users. They need to check out our template files, translate them,
-and send us the translation. For a single word change or any type of
+We need a way to edit and translate sections of the website. Currently
+the website is made up of a bunch of <a href="<svnsandbox>website/en/">wml
+files</a>, and <a href="<page translation>">translators</a> fetch these
+wml files, translate them in an editor, and either send us the translation
+or use svn to commit them back. The current "cost" of publication of
+website changes is quite high even for English language users. For a
+single word change or any type of
 minor change, the page may never be corrected or translated.  It would
 be nice to have a wiki that was specifically geared towards translation
 and would somehow track the upstream (English) versions to indicate when
-a fresh translation is needed. This seems mostly like a job for a wiki
+a fresh translation is needed, like our current
+<a href="<page translation-status>">translation status page</a>. This
+seems mostly like a job for a wiki
 integrator or wiki software author. Certainly the person would need to
 be interested in human languages and translation. They should at least
-be minimally familiar with what Tor is but would not have to interact
-with the software, only the documentation on the website.
+be minimally familiar with what Tor is; but they would not have to interact
+with the software, only the documentation and the website.
 </li>
 
 <li>
 <b>Improvements on our active browser configuration tester</b> - 
-<a href="https://check.torproject.org">https://check.torproject.org</a>
+<a href="https://check.torproject.org/">https://check.torproject.org/</a>
 <br />
 Priority: <i>Medium</i>
 <br />
@@ -309,24 +314,30 @@ Effort Level: <i>Low</i>
 <br />
 Skill Level: <i>Low to Medium</i>
 <br />
-Likely Mentors: <i>Jacob</i>
+Likely Mentors: <i>Jacob, Steven</i>
 <br />
 We currently have a functional web page to detect if Tor is working. It
 is has a few places where it falls short. It requires improvements with
 regard to default languages and functionality. It currently only responds
 in English. In addition, it is a hack of a perl script that should have
 never seen the light of day. It should probably be rewritten in python
-with multi-lingual support in mind. It currently uses the Tor DNS exit
-list and should continue to do so in the future. It may result in certain
+with multi-lingual support in mind. It currently uses the <a
+href="http://exitlist.torproject.org/">Tor DNS exit list</a>
+and should continue to do so in the future. It currently result in certain
 false positives and these should be discovered, documented, and fixed
 where possible. Anyone working on this project should be interested in
 DNS, basic perl or preferably python programming skills and will have
 to interact minimally with Tor to test their code.
+<br />
+If you want to make the project more exciting
+and involve more design and coding, take a look at <a
+href="<svnsandbox>doc/spec/proposals/131-verify-tor-usage.txt">proposal
+131-verify-tor-usage.txt</a>.
 </li>
 
 <li>
 <b>Improvements on our DNS Exit List service</b> - 
-<a href="http://exitlist.torproject.org">http://exitlist.torproject.org</a>
+<a href="http://exitlist.torproject.org/">http://exitlist.torproject.org/</a>
 <br />
 Priority: <i>Medium</i>
 <br />
@@ -336,10 +347,11 @@ Skill Level: <i>Low</i>
 <br />
 Likely Mentors: <i>Jacob, Tup</i>
 <br />
-The exitlist software is written by our fabulous anonymous
+The <a href="http://p56soo2ibjkx23xo.onion/">exitlist software</a>
+is written by our fabulous anonymous
 contributer Tup. It's a DNS server written in Haskell that supports part of our <a
 href="https://www.torproject.org/svn/trunk/doc/contrib/torel-design.txt">exitlist
-design document</a>. Currently, it's functional and it is used by
+design document</a>. Currently, it is functional and it is used by
 check.torproject.org and other users. The issues that are outstanding
 are mostly aesthetic. This wonderful service could use a much better
 website using the common Tor theme. It would be best served with better
@@ -361,24 +373,26 @@ Effort Level: <i>Medium</i>
 <br />
 Skill Level: <i>Medium</i>
 <br />
-Likely Mentors: <i>Jacob, Mike</i>
+Likely Mentors: <i>Jacob, Mike, Greg</i>
 <br />
-The Tor project currently lacks a solid test to ensure that a
-user has a properly configured web browser. It should test for as
+The Tor project currently lacks a solid test suite to ensure that a
+user has a properly and safely configured web browser. It should test for as
 many known issues as possible. It should attempt to decloak the
 user in any way possible.  Two current webpages that track these
-kinds of issues are run by Greg and HD Moore. Greg keeps a nice <a
+kinds of issues are run by Greg Fleischer and HD Moore. Greg keeps a nice <a
 href="http://pseudo-flaw.net/tor/torbutton/">list of issues along
 with their proof of concept code, bug issues, etc</a>. HD Moore runs
 the <a href="http://metasploit.com/research/projects/decloak/">metasploit
-decloak website</a>. A person interested in attacking Tor could start
+decloak website</a>. A student interested in defending Tor could start
 by collecting as many workable and known methods for decloaking a
-Tor user. The person should be familiar with the common pitfalls but
+Tor user. (<a href="https://torcheck.xenobite.eu/">This page</a> may
+be helpful as a start.) The student should be familiar with the common
+pitfalls but
 possibly have new methods in mind for implementing decloaking issues. The
 website should ensure that it tells a user what their problem is. It
 should help them to fix the problem or direct them to the proper support
-channels. The person should be closely familiar with using Tor and how
-to prevent Tor leakage.
+channels. The student should be closely familiar with using Tor and how
+to prevent Tor information leakage.
 </li>
 
 <li>
@@ -388,15 +402,25 @@ Priority: <i>High</i>
 <br />
 Effort Level: <i>High</i>
 <br />
-Skill Level: <i>Medium to High</i>
+Skill Level: <i>High</i>
 <br />
-Likely Mentors: <i>Roger</i>
+Likely Mentors: <i>Nick</i>
 <br />
 Tor needs even better censorship resistance mechanisms.  There are
-several mechanisms that can help.  Tor should be able listen on multiple
-addresses and ports, and allow clients to connect to all of them.
-Tor should be able to appear like a webserver (HTTP or HTTPS) when
-contacted by port-scanning tools.
+several mechanisms that can help.  Tor should be able to
+<a href="<svnsandbox>doc/spec/proposals/118-multiple-orports.txt">listen
+on multiple
+addresses and ports</a>, and allow clients to connect to all of them.
+Tor relays and
+<a href="<svnsandbox>doc/spec/proposals/125-bridges.txt">Tor bridges</a>
+should be able to
+<a href="<svnsandbox>doc/design-paper/blocking.html#tth_sEc9.3">appear like
+a webserver</a> (HTTP or HTTPS) when contacted by port-scanning tools.
+<br />
+This project involves a lot of research and design. One of the big
+challenges will be identifying and crafting approaches that can still
+resist an adversary even after the adversary knows the design, and
+then trading off censorship resistance with usability and robustness.
 </li>
 
 <li>
@@ -413,7 +437,7 @@ Likely Mentors: <i>Nick</i>
 Tor should make better use of the more recent features of Niels Provos's
 Libevent library.  Libevent already provides HTTP and socket buffers;
 Tor's code for those could be replaced.  We'll need to improve libevent's
-code as needed; particularly, to add good openssl support on top of
+code as needed &mdash; in particular to add good openssl support on top of
 libevent's buffer abstraction.
 </li>
 
@@ -426,7 +450,7 @@ Effort Level: <i>Medium</i>
 <br />
 Skill Level: <i>Medium to High</i>
 <br />
-Likely Mentors: <i>Roger</i>
+Likely Mentors: <i>Nick, Roger, Mike</i>
 <br />
 Tor should possibly measure bandwidth in a distributed way, as in the
 <a href="http://freehaven.net/anonbib/">"A Tuneup for Tor"</a> paper
@@ -437,6 +461,7 @@ into the Tor network without adding undesirable n^2 traffic properties
 at the directory authorities.
 </li>
 
+<!--
 <li>
 <b>Improving the Tor QA process: Continuous Integration for Windows builds</b>
 <br />
@@ -470,8 +495,9 @@ our regular integration and compile testing already,
 but we need to get our network simulation tests (as built in torflow)
 updated for more recent versions of Tor, and designed to launch a test
 network either on a single machine, or across several, so we can test
-changes in performance on machines in different roles automatically.<br />
+changes in performance on machines in different roles automatically.
 </li>
+-->
 
 <li>
 <b>Improve our unit testing process</b>
@@ -488,18 +514,20 @@ Tor needs to be far more tested.  This is a multi-part effort.  To start
 with, our unit test coverage should rise substantially, especially in
 the areas outside the utility functions.  This will require significant
 refactoring of some parts of Tor, in order to dissociate as much logic
-as possible from globals.<br />
+as possible from globals.
+<br />
 Additionally, we need to automate our performance testing.  We've got
-buildbot (except on Windows &mdash; see above) to automate our regular 
-integration and compile testing already,
-but we need to get our network simulation tests (as built in torflow)
+buildbot to automate our regular integration and compile testing already
+(though we need somebody to set it up on Windows),
+but we need to get our network simulation tests (as built in TorFlow: see
+the "Tor Node Scanner improvements" item)
 updated for more recent versions of Tor, and designed to launch a test
 network either on a single machine, or across several, so we can test
-changes in performance on machines in different roles automatically.<br />
+changes in performance on machines in different roles automatically.
 </li>
 
 <li>
-<b>Help revive the Java community around Tor</b>
+<b>Help revive an independent Tor client implementation</b>
 <br />
 Priority: <i>Medium</i>
 <br />
@@ -507,7 +535,7 @@ Effort Level: <i>High</i>
 <br />
 Skill Level: <i>Medium to High</i>
 <br />
-Likely Mentors: <i>Karsten</i>
+Likely Mentors: <i>Karsten, Nick</i>
 <br />
 Reanimate one of the approaches to implement a Tor client in Java,
 e.g. the <a href="http://onioncoffee.sourceforge.net/">OnionCoffee
@@ -517,8 +545,9 @@ would be to port the existing code and execute it in an Android
 environment. Next, the code should be updated to support the newer Tor
 protocol versions like the <a href="<svnsandbox>doc/spec/dir-spec.txt">v3
 directory protocol</a>. Further, support for requesting or even
-providing Tor hidden services would be neat, but not required. The
-student should be able to understand and write new Java code, including
+providing Tor hidden services would be neat, but not required.
+<br />
+The student should be able to understand and write new Java code, including
 a Java cryptography API. Being able to read C code would be helpful,
 too. The student should be willing to read the existing documentation,
 implement code based on it, and refine the documentation
@@ -527,7 +556,7 @@ to a small degree about design.
 </li>
 
 <li>
-<b>Become the PuppeTor Master</b>
+<b>Automatic system tests and automatically starting private Tor networks</b>
 <br />
 Priority: <i>Medium</i>
 <br />
@@ -535,7 +564,7 @@ Effort Level: <i>Medium</i>
 <br />
 Skill Level: <i>Medium</i>
 <br />
-Likely Mentors: <i>Karsten, Roger</i>
+Likely Mentors: <i>Karsten, Nick, Roger</i>
 <br />
 Write a tool that runs automatic system tests in addition
 to the existing unit tests. The Java-based Tor simulator <a
@@ -546,9 +575,11 @@ project requires to conceive a blueprint for performing system tests
 of private Tor networks, before starting to code. Typical types of
 tests range from performing single requests over the private network to
 manipulating exchanged messages and see if nodes handle corrupt messages
-appropriately. The student should be able to obtain a good understanding
+appropriately.
+<br />
+The student should be able to obtain a good understanding
 of how Tor works and what problems and bugs could arise to design good
-test cases. Understanding the existing Tor code and documentation is
+test cases. Understanding the existing Tor code structure and documentation is
 vital. If PuppeTor is used, the student should also be able to understand
 and possibly extend an existing Java application. This project is partly
 about design and partly about coding.
@@ -571,13 +602,14 @@ to monitor a local Tor relay via its control port and include useful
 system information of the underlying machine. When running this tool, it
 would dynamically update its content like top does for Linux processes.
 <a href="http://archives.seul.org/or/dev/Jan-2008/msg00005.html">This
-or-dev post</a> might be a good first read. The student should be familiar
+or-dev post</a> might be a good first read.
+<br />
+The student should be familiar
 with or willing to learn about administering a Tor relay and configuring
 it via its control port. As an initial prototype is written in Python,
 some knowledge about writing Python code would be helpful, too. This
-project is for the one part about identifying requirements to such a
-tool and designing its interface; but on the other part, the project
-also requires a lot of coding.
+project is one part about identifying requirements to such a
+tool and designing its interface, and one part lots of coding.
 </li>
 
 <li>
@@ -589,10 +621,13 @@ Effort Level: <i>High</i>
 <br />
 Skill Level: <i>High</i>
 <br />
-Likely Mentors: <i>Mike Perry</i>
+Likely Mentors: <i>Mike</i>
 <br />
 The Tor exit node scanner 'SoaT', part of the <a
-href="https://www.torproject.org/svn/torflow/">Torflow project</a>, is
+href="<svnsandbox>torflow/">Torflow project</a>, makes connections out
+of each Tor exit node and compares the content it gets back with what it
+"should" get back. The goal is to notice misconfigured, broken, and even
+malicious exit relays. Alas, the code is
 currently written in rather rickety perl and relies on MD5sums of
 entire documents in order to determine if exit nodes are modifying
 content. The problem with this is threefold: 1) Perl sucks at life.
@@ -602,8 +637,8 @@ Pages change after a while (or based on GeoIP) and begin generating
 false positives.
 <br />
 Ideally, soat.pl would be reimplemented in a sane language with a
-robust html parser library (since the rest of Torflow is in Python,
-that would be nice, but not required), and calculate signatures only for
+robust html parser library (since the rest of Torflow is in Python
+that would be nice, but it is not required), and calculate signatures only for
 tags and content likely to be targeted by a malicious attacker (script
 tags, object links, images, css). It should also be robust in the face of
 changes to content outside of Tor, and ultimately even GeoIP localized
@@ -617,18 +653,18 @@ setting.
 <li>
 <b>Tor Node Scanner improvements</b>
 <br />
-Priority: <i>Medium</i>
+Priority: <i>High</i>
 <br />
 Effort Level: <i>Medium to High</i>
 <br />
 Skill Level: <i>Medium to High</i>
 <br />
-Likely Mentors: <i>Mike Perry</i>
+Likely Mentors: <i>Mike</i>
 <br />
 Similar to the exit scanner (or perhaps even during exit scanning),
 statistics can be gathered about the reliability of nodes. Nodes that
-fail a certain percentage of their circuits should not be used for
-Guard status, and perhaps should have their reported bandwidth
+fail too high a percentage of their circuits should not be given
+Guard status. Perhaps they should have their reported bandwidth
 penalized by some ratio as well, or just get marked as Invalid. In
 addition, nodes that exhibit a very low average stream capacity but
 advertise a very high node bandwidth can also be marked as Invalid.
@@ -641,13 +677,43 @@ In addition, these same statistics can be gathered about the traffic
 through a node. Events can be added to the <a
 href="https://www.torproject.org/svn/torctl/doc/howto.txt">Tor Control
 Protocol</a> to
-report if a circuit extend through the node succeeds or fails, and
+report if a circuit extend attempt through the node succeeds or fails, and
 passive statistics can be gathered on both bandwidth and reliability
 of other nodes via a node-based monitor using these events. Such a
 scanner would also report information on oddly-behaving nodes to
 the Directory Authorities, but a communication channel for this
 currently does not exist and would need to be developed as well.
 </li>
+
+<li>
+<b>Help track the overall Tor Network status</b>
+<br />
+Priority: <i>High</i>
+<br />
+Effort Level: <i>Medium</i>
+<br />
+Skill Level: <i>Medium</i>
+<br />
+Likely Mentors: <i>Roger, Nick, Mike</i>
+<br />
+It would be great to set up an automated system for tracking network
+health over time, graphing it, etc. Part of this project would involve
+inventing better metrics for assessing network health and growth. Is the
+average uptime of the network increasing? How many relays are qualifying
+for Guard status this month compared to last month? What's the turnover
+in terms of new relays showing up and relays shutting off? Periodically
+people collect brief snapshots, but where it gets really interesting is
+when we start tracking data points over time.
+<br />
+Data could be collected from the "Tor Node Scanner" item above, from
+the server descriptors that each relay publishes, and from other
+sources. Results over time could be integrated into one of the <a
+href="https://torstatus.blutmagie.de/">Tor Status</a> web pages, or be
+kept separate. Speaking of the Tor Status pages, take a look at Roger's
+<a href="http://archives.seul.org/or/talk/Jan-2008/msg00300.html">Tor
+Status wish list</a>.
+</li>
+
 <li>
 <b>Tor path selection improvements</b>
 <br />
@@ -664,8 +730,9 @@ improve Tor speed. For instance, some of the (unofficial) <a
 href="http://wiki.noreply.org/noreply/TheOnionRouter/FireFoxTorPerf">Tor
 Performance Recommendations</a> on the wiki are to increase the number of
 guards and decrease the CircuitBuildTimeout. Ideally, the client would
-learn these values by gathering statistics on circuit construction
-time (and/or using values gained from Torflow), and set the timeouts
+<a href="http://archives.seul.org/or/talk/Feb-2008/msg00012.html">learn
+these values by gathering statistics on circuit construction
+time</a> (and/or using values gained from Torflow), and set the timeouts
 low enough such that some high percentile (75%, 90%, 1-stddev?) of
 circuits succeed, yet extremely slow nodes are avoided. This would
 involve some statistics gathering+basic research, and some changes to 
@@ -675,11 +742,14 @@ In addition, to improve path security, some elements from the <a
 href="http://www.torproject.org/svn/trunk/doc/spec/proposals/115-two-hop-paths.txt">Two
 Hop Paths proposal</a> could be done as part of this (since it will
 likely touch the same code anyways), regardless of the adoption of
-that proposal. In particular, clients probably should avoid guards that seem to
-fail an excessive percentage of their circuits through them, and non-bridged
-clients should issue a warn if they are only able to connect to a limited set
-of guard nodes.
+that proposal. In particular, clients probably should avoid guards that
+seem to fail an excessive percentage of their circuits through them,
+and non-firewalled clients should issue a warning if they are only able
+to connect to a limited set of guard nodes. See also
+<a href="http://archives.seul.org/or/dev/Feb-2008/msg00003.html">this
+or-dev post</a>.
 </li>
+
 <li>
 <b>Torbutton improvements</b>
 <br />
@@ -689,9 +759,8 @@ Effort Level: <i>High</i>
 <br />
 Skill Level: <i>High</i>
 <br />
-Likely Mentors: <i>Mike Perry</i>
+Likely Mentors: <i>Mike</i>
 <br/>
-
 Torbutton has a number of improvements that can be made in the post-1.2
 timeframe. Most of these are documented as feature requests in the <a
 href="https://bugs.torproject.org/flyspray/index.php?tasks=all&project=5">Torbutton
@@ -708,33 +775,24 @@ else you might think of.
 This work would be independent coding in Javascript and the fun world of <a
 href="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">XUL</a>,
 with not too much involvement in the Tor internals.
-
-</li>
-<li>
-<b>Help track the overall Tor Network status</b>
-Torstatus. Set up an automated system for tracking network health
-over time, graphing it, etc. Better metrics for assessing network
-health and growth. Make it short and simple. Unbloated and easy to audit.
 </li>
 
-<li>vidalia and upnp</li>
-<li>nymble</li>
-
 <li>
 <b>Porting Polipo to Windows</b>
 <br />
-Priority: <i>High</i>
+Priority: <i>Medium</i>
 <br />
-Effort Level: <i>High</i>
+Effort Level: <i>Medium</i>
 <br />
 Skill Level: <i>Medium to High</i>
 <br />
-Likely Mentors: <i>Steven, Roger</i>
+Likely Mentors: <i>Andrew, Steven, Roger</i>
 <br />
 Help port <a
 href="http://www.pps.jussieu.fr/~jch/software/polipo/">Polipo</a> to
-Windows. 1) handle spaces in path names and understand the filesystem
-namespace &mdash; namespace meaning where application data, personal data,
+Windows. Example topics to tackle include:
+1) handle spaces in path names and understand the filesystem
+namespace &mdash; that is, where application data, personal data,
 and program data typically reside in various versions of Windows. 2) the
 ability to handle ipv6 communications. 3) the ability to asynchronously
 query name servers, find the system nameservers, and manage netbios
@@ -749,7 +807,7 @@ menu options. Double bonus if it's cross-platform compatible.
 <li>
 <b>Make our diagrams beautiful and automated</b>
 <br />
-Priority: <i>High</i>
+Priority: <i>Medium</i>
 <br />
 Effort Level: <i>Low</i>
 <br />
@@ -757,10 +815,13 @@ Skill Level: <i>Low</i>
 <br />
 Likely Mentors: <i>Andrew</i>
 <br />
-a way to generate the website diagrams from source, so we can translate
-them as utf-8 text rather than with gimp. (svg? or imagemagick?)
-integrate this with a wml file so translations are easy and images are
-generated in multiple languages at web publish
+We need a way to generate the website diagrams (for example, the "How
+Tor Works" pictures on the <a href="<page overview>">overview page</a>
+from source, so we can translate them as UTF-8 text rather than edit
+them by hand with Gimp. We might want to
+integrate this as an wml file so translations are easy and images are
+generated in multiple languages whenever we build the website. See the
+"Translation Wiki" idea above.
 </li>
 
 <li>
@@ -776,19 +837,17 @@ Likely Mentors: <i>Anonym, Jacob, Roger</i>
 <br />
 How can we make the <a
 href="http://anonymityanywhere.com/incognito/">Incognito LiveCD</a>
-easier to maintain, improve, and document?</li>
-<li>We need a distributed testing framework. We have unit tests,
-but it would be great to have a script that starts up a Tor network, uses
-it for a while, and verifies that at least parts of it are working.</li>
+easier to maintain, improve, and document?
+</li>
 
 <li>
 <b>Bring up new ideas!</b>
 <br />
 Don't like any of these? Look at the <a
 href="<svnsandbox>doc/design-paper/roadmap-future.pdf">Tor development
-roadmap</a> for more ideas.<br /><br />
-Don't see your idea here? We probably need it anyway! Contact
-us and find out.</li>
+roadmap</a> for more ideas.
+</li>
+
 </ol>
 
 <h2><a class="anchor" href="#Coding">Coding and Design</a></h2>
