Various changes on Pluggable Transports page: (b52347792) - tor-webwml.git

@@ -23,7 +23,7 @@
     </p>
 
     <p>
-    Pluggable transports transform the Tor traffic flow between the client
+    Pluggable Transports (PT) transform the Tor traffic flow between the client
     and the bridge. This way, censors who monitor traffic between the
     client and the bridge will see innocent-looking transformed traffic
     instead of the actual Tor traffic.
@@ -34,82 +34,101 @@ transport API</a>, to make it easier to build interoperable programs.
 
     <hr>
 
+    <h3>Currently deployed PTs</h3>
+    <p>
+      These Pluggable Transports are currently deployed in Tor Browser, and you can start using them by <a href="<page download/download-easy>">downloading and using Tor Browser</a>.
+    </p>
+    <!-- TODO: make a link to how to config TB to use PTs -->
+
       <ul>
 
-    <li><a href="<page projects/obfsproxy>"><b>Obfsproxy</b></a> is a Python framework for implementing new
-    pluggable transports. It uses Twisted for its networking needs, and
-    <a href="https://gitweb.torproject.org/pluggable-transports/pyptlib.git/tree/README.rst">pyptlib</a>
-    for some pluggable transport-related features. It supports the
-    <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs2/obfs2-protocol-spec.txt">obfs2</a>
-    and
-    <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs3/obfs3-protocol-spec.txt">obfs3</a>
-    pluggable transports. Maintained by asn. <br>
-    Status: <a href="#download">Deployed</a>
+        <li><a href="https://github.com/Yawning/obfs4/blob/master/doc/obfs4-spec.txt"><b>obfs4</b></a>
+        is a transport with the same features as <a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
+        but utilizing Dan Bernstein's <a href="http://elligator.cr.yp.to/elligator-20130828.pdf">elligator2</b></a>
+        technique for public key obfuscation, and the
+        <a href="https://gitweb.torproject.org/torspec.git/tree/proposals/216-ntor-handshake.txt">ntor protocol</a>
+        for one-way authentication. This results in a faster protocol. Written in Go.
+        Maintained by Yawning Angel.
         </li>
+        <!-- TODO: update the link with repo hosted on git.tpo. and make a note that this client supports obfs3 -->
 
-    <li><a href="https://crypto.stanford.edu/flashproxy/"><b>Flashproxy</b></a> turns ordinary web browsers into bridges using
-    websockets, and has a little python stub to hook Tor clients to the
-    websocket connection. See its
-    <a href="https://gitweb.torproject.org/flashproxy.git">git repository</a>,
-    and
-    <a href="https://crypto.stanford.edu/flashproxy/flashproxy.pdf">design paper</a>.
+        <li><a href="https://trac.torproject.org/projects/tor/wiki/doc/meek"><b>meek</b></a>
+        is a transport that uses HTTP for carrying bytes and TLS for
+        obfuscation. Traffic is relayed through a third-party server
+        (​Google App Engine). It uses a trick to talk to the third party so
+        that it looks like it is talking to an unblocked server.
         Maintained by David Fifield.
-    # <iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="80" height="15" frameborder="0" scrolling="no"></iframe>
-    <br>
-    Status: <a href="#download">Deployed</a>
         </li>
+        <!-- TODO: add more info about meek. include amazon and azure and maybe remove google for now -->
 
         <li><a href="https://fteproxy.org/"><b>Format-Transforming
         Encryption</b></a> (FTE) transforms Tor traffic to arbitrary
         formats using their language descriptions. See the <a
         href="https://kpdyer.com/publications/ccs2013-fte.pdf">research
-    paper</a>. <br> Status: <a href="#download">Deployed</a> </li>
+        paper</a>.</li>
 
         <li><a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
         is a pluggable transport that protects
         against follow-up probing attacks and is also capable of changing
         its network fingerprint (packet length distribution,
         inter-arrival times, etc.). It's part of the Obfsproxy framework.
-    Maintained by Philipp Winter. <br>
-    Status: <em>To be deployed</em>
+        Maintained by Philipp Winter.
         </li>
 
-    <li><a href="https://trac.torproject.org/projects/tor/wiki/doc/meek"><b>Meek</b></a>
-    is a transport that uses HTTP for carrying bytes and TLS for
-    obfuscation. Traffic is relayed through a third-party server
-    (​Google App Engine). It uses a trick to talk to the third party so
-    that it looks like it is talking to an unblocked server.
-    Maintained by David Fifield. <br>
-    Status: <e>Coming soon</em>
-    </li>
-
-    <li><a href="https://github.com/Yawning/obfs4/blob/master/doc/obfs4-spec.txt"><b>obfs4</b></a>
-    is a transport with the same features as <a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
-    but utilizing Dan Bernstein's <a href="http://elligator.cr.yp.to/elligator-20130828.pdf">elligator2</b></a>
-    technique for public key obfuscation, and the
-    <a href="https://gitweb.torproject.org/torspec.git/tree/proposals/216-ntor-handshake.txt">ntor protocol</a>
-    for one-way authentication. This results in a faster protocol. Written in Go.
-    Maintained by Yawning Angel. <br>
-    Status: <e>Coming soon</em>
-    </li>
-
-    <li><a href="https://github.com/yawning/obfsclient"><b>obfsclient</b></a>
+        <!-- TODO: it's unclear whether orbot still uses obfsclient or not;
+                   commenting out untill furthure notice -->
+        <!-- <li><a href="https://github.com/yawning/obfsclient"><b>obfsclient</b></a>
         is a multi-transport pluggable transport proxy (like obfsproxy),
         written in C++ that implements the client-side of <em>obfs2</em>,
         <em>obfs3</em> and <em>scramblesuit</em>. It's used by
         <a href="https://guardianproject.info/apps/orbot/">Orbot</a> on
         Android because of the difficulties of using Python applications.
         Maintained by Yawning Angel. <br>
-    Status: <a href="https://guardianproject.info/apps/orbot/">Deployed</a>
+        </li> -->
+
+      </ul>
+
+      <hr>
+
+      <h3>Deprecated PTs; Removed from Tor Browser</h3>
+
+      <ul>
+        <!-- TODO: add deprecation note for each PT -->
+        <li><a href="<page projects/obfsproxy>"><b>Obfsproxy</b></a> is a Python framework for implementing new
+        pluggable transports. It uses Twisted for its networking needs, and
+        <a href="https://gitweb.torproject.org/pluggable-transports/pyptlib.git/tree/README.rst">pyptlib</a>
+        for some pluggable transport-related features. It supports the
+        <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs2/obfs2-protocol-spec.txt">obfs2</a>
+        and
+        <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs3/obfs3-protocol-spec.txt">obfs3</a>
+        pluggable transports. Maintained by asn.
         </li>
 
+        <li><a href="https://crypto.stanford.edu/flashproxy/"><b>Flashproxy</b></a> turns ordinary web browsers into bridges using
+        websockets, and has a little python stub to hook Tor clients to the
+        websocket connection. See its
+        <a href="https://gitweb.torproject.org/flashproxy.git">git repository</a>,
+        and
+        <a href="https://crypto.stanford.edu/flashproxy/flashproxy.pdf">design paper</a>.
+        Maintained by David Fifield.
+        <!-- # <iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="80" height="15" frameborder="0" scrolling="no"></iframe> -->
+        </li>
+
+      </ul>
+
+      <hr>
+
+      <h3>Undeployed PTs</h3>
+      <!-- TODO: move this section to wiki -->
+      <!-- TODO: add snowflake -->
+    <ul>
+
     <li><b>StegoTorus</b> is an Obfsproxy fork that extends it to a)
     split Tor streams across multiple connections to avoid packet size
     signatures, and b) embed the traffic flows in traces that look like
     html, javascript, or pdf. See its
     <a href="https://gitweb.torproject.org/stegotorus.git">git repository</a>.
     Maintained by Zack Weinberg. <br>
-    Status: <em>Undeployed</em>
     </li>
 
     <li><b>SkypeMorph</b> transforms Tor traffic flows so they look like
@@ -118,14 +137,12 @@ transport API</a>, to make it easier to build interoperable programs.
     and
     <a href="http://cacr.uwaterloo.ca/techreports/2012/cacr2012-08.pdf">design paper</a>.
     Maintained by Ian Goldberg. <br>
-    Status: <em>Undeployed</em>
     </li>
 
     <li><b>Dust</b> aims to provide a packet-based (rather than
     connection-based) DPI-resistant protocol. See its
     <a href="https://github.com/blanu/Dust">git repository</a>.
     Maintained by Brandon Wiley. <br>
-    Status: <em>Undeployed</em>
     </li>
 
     </ul>
@@ -137,22 +154,13 @@ transport API</a>, to make it easier to build interoperable programs.
     <hr>
 
     <p>
-    Our goal is to have a wide variety of pluggable transport designs.
+    Our goal is to have a wide variety of Pluggable Transport designs.
     Many are at the research phase now, so it's a perfect time to play
     with them or suggest new designs. Please let us know if you find or
     start other projects that could be useful for making Tor's traffic
     flows more DPI-resistant!
     </p>
 
-    <hr>
-    <a id="download"></a>
-    <h2><a href="<page download/download-easy>">Download the Pluggable Transports Tor Browser</a></h2>
-    <p>
-    As of Tor Browser 3.6-beta-1, pluggable transports are now included in the
-<a href="<page download/download-easy>">official
-Tor Browser packages</a>.
-    </p>
-
   </div>
   <!-- END MAINCOL -->
   <div id = "sidecol">


...	...	@@ -23,7 +23,7 @@
23	23	</p>
24	24
25	25	<p>
26		- Pluggable transports transform the Tor traffic flow between the client
	26	+ Pluggable Transports (PT) transform the Tor traffic flow between the client
27	27	and the bridge. This way, censors who monitor traffic between the
28	28	client and the bridge will see innocent-looking transformed traffic
29	29	instead of the actual Tor traffic.
...	...	@@ -34,82 +34,101 @@ transport API</a>, to make it easier to build interoperable programs.
34	34
35	35	<hr>
36	36
	37	+ <h3>Currently deployed PTs</h3>
	38	+ <p>
	39	+ These Pluggable Transports are currently deployed in Tor Browser, and you can start using them by <a href="<page download/download-easy>">downloading and using Tor Browser</a>.
	40	+ </p>
	41	+ <!-- TODO: make a link to how to config TB to use PTs -->
	42	+
37	43	<ul>
38	44
39		- <li><a href="<page projects/obfsproxy>"><b>Obfsproxy</b></a> is a Python framework for implementing new
40		- pluggable transports. It uses Twisted for its networking needs, and
41		- <a href="https://gitweb.torproject.org/pluggable-transports/pyptlib.git/tree/README.rst">pyptlib</a>
42		- for some pluggable transport-related features. It supports the
43		- <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs2/obfs2-protocol-spec.txt">obfs2</a>
44		- and
45		- <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs3/obfs3-protocol-spec.txt">obfs3</a>
46		- pluggable transports. Maintained by asn. <br>
47		- Status: <a href="#download">Deployed</a>
	45	+ <li><a href="https://github.com/Yawning/obfs4/blob/master/doc/obfs4-spec.txt"><b>obfs4</b></a>
	46	+ is a transport with the same features as <a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
	47	+ but utilizing Dan Bernstein's <a href="http://elligator.cr.yp.to/elligator-20130828.pdf">elligator2</b></a>
	48	+ technique for public key obfuscation, and the
	49	+ <a href="https://gitweb.torproject.org/torspec.git/tree/proposals/216-ntor-handshake.txt">ntor protocol</a>
	50	+ for one-way authentication. This results in a faster protocol. Written in Go.
	51	+ Maintained by Yawning Angel.
48	52	</li>
	53	+ <!-- TODO: update the link with repo hosted on git.tpo. and make a note that this client supports obfs3 -->
49	54
50		- <li><a href="https://crypto.stanford.edu/flashproxy/"><b>Flashproxy</b></a> turns ordinary web browsers into bridges using
51		- websockets, and has a little python stub to hook Tor clients to the
52		- websocket connection. See its
53		- <a href="https://gitweb.torproject.org/flashproxy.git">git repository</a>,
54		- and
55		- <a href="https://crypto.stanford.edu/flashproxy/flashproxy.pdf">design paper</a>.
	55	+ <li><a href="https://trac.torproject.org/projects/tor/wiki/doc/meek"><b>meek</b></a>
	56	+ is a transport that uses HTTP for carrying bytes and TLS for
	57	+ obfuscation. Traffic is relayed through a third-party server
	58	+ (Google App Engine). It uses a trick to talk to the third party so
	59	+ that it looks like it is talking to an unblocked server.
56	60	Maintained by David Fifield.
57		- # <iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="80" height="15" frameborder="0" scrolling="no"></iframe>
58		- <br>
59		- Status: <a href="#download">Deployed</a>
60	61	</li>
	62	+ <!-- TODO: add more info about meek. include amazon and azure and maybe remove google for now -->
61	63
62	64	<li><a href="https://fteproxy.org/"><b>Format-Transforming
63	65	Encryption</b></a> (FTE) transforms Tor traffic to arbitrary
64	66	formats using their language descriptions. See the <a
65	67	href="https://kpdyer.com/publications/ccs2013-fte.pdf">research
66		- paper</a>. <br> Status: <a href="#download">Deployed</a> </li>
	68	+ paper</a>.</li>
67	69
68	70	<li><a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
69	71	is a pluggable transport that protects
70	72	against follow-up probing attacks and is also capable of changing
71	73	its network fingerprint (packet length distribution,
72	74	inter-arrival times, etc.). It's part of the Obfsproxy framework.
73		- Maintained by Philipp Winter. <br>
74		- Status: <em>To be deployed</em>
	75	+ Maintained by Philipp Winter.
75	76	</li>
76	77
77		- <li><a href="https://trac.torproject.org/projects/tor/wiki/doc/meek"><b>Meek</b></a>
78		- is a transport that uses HTTP for carrying bytes and TLS for
79		- obfuscation. Traffic is relayed through a third-party server
80		- (Google App Engine). It uses a trick to talk to the third party so
81		- that it looks like it is talking to an unblocked server.
82		- Maintained by David Fifield. <br>
83		- Status: <e>Coming soon</em>
84		- </li>
85		-
86		- <li><a href="https://github.com/Yawning/obfs4/blob/master/doc/obfs4-spec.txt"><b>obfs4</b></a>
87		- is a transport with the same features as <a href="http://www.cs.kau.se/philwint/scramblesuit/"><b>ScrambleSuit</b></a>
88		- but utilizing Dan Bernstein's <a href="http://elligator.cr.yp.to/elligator-20130828.pdf">elligator2</b></a>
89		- technique for public key obfuscation, and the
90		- <a href="https://gitweb.torproject.org/torspec.git/tree/proposals/216-ntor-handshake.txt">ntor protocol</a>
91		- for one-way authentication. This results in a faster protocol. Written in Go.
92		- Maintained by Yawning Angel. <br>
93		- Status: <e>Coming soon</em>
94		- </li>
95		-
96		- <li><a href="https://github.com/yawning/obfsclient"><b>obfsclient</b></a>
	78	+ <!-- TODO: it's unclear whether orbot still uses obfsclient or not;
	79	+ commenting out untill furthure notice -->
	80	+ <!-- <li><a href="https://github.com/yawning/obfsclient"><b>obfsclient</b></a>
97	81	is a multi-transport pluggable transport proxy (like obfsproxy),
98	82	written in C++ that implements the client-side of <em>obfs2</em>,
99	83	<em>obfs3</em> and <em>scramblesuit</em>. It's used by
100	84	<a href="https://guardianproject.info/apps/orbot/">Orbot</a> on
101	85	Android because of the difficulties of using Python applications.
102	86	Maintained by Yawning Angel. <br>
103		- Status: <a href="https://guardianproject.info/apps/orbot/">Deployed</a>
	87	+ </li> -->
	88	+
	89	+ </ul>
	90	+
	91	+ <hr>
	92	+
	93	+ <h3>Deprecated PTs; Removed from Tor Browser</h3>
	94	+
	95	+ <ul>
	96	+ <!-- TODO: add deprecation note for each PT -->
	97	+ <li><a href="<page projects/obfsproxy>"><b>Obfsproxy</b></a> is a Python framework for implementing new
	98	+ pluggable transports. It uses Twisted for its networking needs, and
	99	+ <a href="https://gitweb.torproject.org/pluggable-transports/pyptlib.git/tree/README.rst">pyptlib</a>
	100	+ for some pluggable transport-related features. It supports the
	101	+ <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs2/obfs2-protocol-spec.txt">obfs2</a>
	102	+ and
	103	+ <a href="https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/tree/doc/obfs3/obfs3-protocol-spec.txt">obfs3</a>
	104	+ pluggable transports. Maintained by asn.
104	105	</li>
105	106
	107	+ <li><a href="https://crypto.stanford.edu/flashproxy/"><b>Flashproxy</b></a> turns ordinary web browsers into bridges using
	108	+ websockets, and has a little python stub to hook Tor clients to the
	109	+ websocket connection. See its
	110	+ <a href="https://gitweb.torproject.org/flashproxy.git">git repository</a>,
	111	+ and
	112	+ <a href="https://crypto.stanford.edu/flashproxy/flashproxy.pdf">design paper</a>.
	113	+ Maintained by David Fifield.
	114	+ <!-- # <iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="80" height="15" frameborder="0" scrolling="no"></iframe> -->
	115	+ </li>
	116	+
	117	+ </ul>
	118	+
	119	+ <hr>
	120	+
	121	+ <h3>Undeployed PTs</h3>
	122	+ <!-- TODO: move this section to wiki -->
	123	+ <!-- TODO: add snowflake -->
	124	+ <ul>
	125	+
106	126	<li><b>StegoTorus</b> is an Obfsproxy fork that extends it to a)
107	127	split Tor streams across multiple connections to avoid packet size
108	128	signatures, and b) embed the traffic flows in traces that look like
109	129	html, javascript, or pdf. See its
110	130	<a href="https://gitweb.torproject.org/stegotorus.git">git repository</a>.
111	131	Maintained by Zack Weinberg. <br>
112		- Status: <em>Undeployed</em>
113	132	</li>
114	133
115	134	<li><b>SkypeMorph</b> transforms Tor traffic flows so they look like
...	...	@@ -118,14 +137,12 @@ transport API</a>, to make it easier to build interoperable programs.
118	137	and
119	138	<a href="http://cacr.uwaterloo.ca/techreports/2012/cacr2012-08.pdf">design paper</a>.
120	139	Maintained by Ian Goldberg. <br>
121		- Status: <em>Undeployed</em>
122	140	</li>
123	141
124	142	<li><b>Dust</b> aims to provide a packet-based (rather than
125	143	connection-based) DPI-resistant protocol. See its
126	144	<a href="https://github.com/blanu/Dust">git repository</a>.
127	145	Maintained by Brandon Wiley. <br>
128		- Status: <em>Undeployed</em>
129	146	</li>
130	147
131	148	</ul>
...	...	@@ -137,22 +154,13 @@ transport API</a>, to make it easier to build interoperable programs.
137	154	<hr>
138	155
139	156	<p>
140		- Our goal is to have a wide variety of pluggable transport designs.
	157	+ Our goal is to have a wide variety of Pluggable Transport designs.
141	158	Many are at the research phase now, so it's a perfect time to play
142	159	with them or suggest new designs. Please let us know if you find or
143	160	start other projects that could be useful for making Tor's traffic
144	161	flows more DPI-resistant!
145	162	</p>
146	163
147		- <hr>
148		- <a id="download"></a>
149		- <h2><a href="<page download/download-easy>">Download the Pluggable Transports Tor Browser</a></h2>
150		- <p>
151		- As of Tor Browser 3.6-beta-1, pluggable transports are now included in the
152		-<a href="<page download/download-easy>">official
153		-Tor Browser packages</a>.
154		- </p>
155		-
156	164	</div>
157	165	<!-- END MAINCOL -->
158	166	<div id = "sidecol">
159	167