17:04:30 #startmeeting weekly network team meeting
17:04:30 Meeting started Mon Oct 17 17:04:30 2016 UTC. The chair is nickm. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:04:30 Useful Commands: #action #agreed #help #info #idea #link #topic.
17:04:44 I've recently seen dgoulet and asn and femme.
17:04:53 athena: ping?
17:04:56 Yes, I'm here
17:05:01 (Expecting Yawning and teor are busy.)
17:05:12 Just pinged isabela
17:05:15 o/
17:05:20 (Expecting mikeperry and armadev are busy)
17:05:26 I'm here too
17:05:31 hi Sebastian !
17:05:36 welcome all!
17:05:38 hello
17:05:41 hi isis !
17:05:51 hello :)
17:05:54 Last week I: answered too many emails, did too many bureaucracies, and got our module-documentation coverage up by a lot. (Have a look at aae034d13e458dfe82b.) I did a code-review on a bunch of branches, and worked on a fix for TROVE-2016-10-001.
17:05:57 hey all
17:06:09 This morning I named the TROVE registry, repaired the cronjob that builds the tor-guts thing on my personal website, started working on the upcoming releases, answered more email, etc.
17:06:13 Today I will try to get releases and patches out.
17:06:20 review
17:06:26 I will also try to do more review
17:06:32 so TROVE is what we're calling TSA?
17:06:59 (Tor Service Advisory)
17:07:15 Once review and release is done, I plan to split 0.2.9 off, merge merge-ready stuff into 0.3.0, finish review on mikeperry's netflow, finish #15056 at long last, do guard stuff, continue to improve docs,
17:07:20 err, s/Service/Security/
17:07:28 i am veeeeery jetlagged
17:07:31 isis: yeah, https://trac.torproject.org/projects/tor/wiki/TROVE
17:07:41 cool :)
17:07:45 https://trac.torproject.org/projects/tor/ticket/20383
17:07:48 Tor Registry Of Vulnerabilities and Exposures
17:08:44 any questions / comments/ etc for me?
17:08:45 great nickm ! perfectly on schedule of https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam#Calendar: :D
17:09:04 I could use changelog review today if anybody has the time.
17:10:27 last week i gave a talk at waterloo, caught up on email, had a meeting with jschanck to deal with some handshake issues that we've been throwing around for a couple months
17:10:44 and i totally did not finish the #15055 review that i said i would :/
17:11:04 i thought i could do it on the airplane, but then i was just exhausted and passed out
17:12:06 this week i have a bunch of reporting/billing/bureaucracy to do
17:12:23 and my parents are visiting me! i have not seen them in two years!
17:12:27 awesome!
17:12:34 and also finish the review
17:12:55 other than that i will need to focus on getting my OTF contract done
17:13:17 EOF
17:13:26 mutex_lock()
17:13:41 Last week was mostly for me a follow up on all the things after Seattle which ended up in writing and replying to many emails including test network, network team agenda items and lots of prop224. I also did some review of 029 tickets and I believe some in review-group-10 maybe.
17:13:45 I'm still having this epic battle with Schleuder for our tor-security@ ML. Once I have few cycles to spare, I'll get back on that. I finally have almost finalized torsocks for a release this week fixing many things.
17:13:48 I still have lots of items on my stack ranging from Tor logistics to actual code. Oh and it's my week for "bug triage" so back off! :P
17:13:52 mutex_unlock()
17:14:07 how hard would you like folks to back off?
17:14:15 not very :P
17:14:26 asn: you are out, I'm in ;)
17:14:58 asn: (how did you find bug triage?)
17:15:20 Hello. During past week, I started a thread about prop224 client authorization,
17:15:20 that needed to happen and we've been postponing for months:
17:15:20 https://lists.torproject.org/pipermail/tor-dev/2016-October/011531.html
17:15:20 I also did some code reviews.
17:15:20 I also was the bug triager of the week, which was
17:15:23 a quite lightweight task since most new tickets were created by teor and were
17:15:25 pre-triaged or teor triaged them before I had the time to. I ended up triaging
17:15:28 about 5 tickets through the course of the week.
17:15:33 nickm: yeah, i'm here
17:15:59 asn: is there a maximally up-to-date version of the proposal 224 client auth stuff, with the various changes collected in it?
17:16:13 nope. it's still on the air based on feedback received.
17:16:32 i'm writing a reply now. then need some more feedback. and then will write a proper torspec patch.
17:16:33 ok. would it be worth my having a look, or should I wait till you've revised?
17:16:41 i think it can wait till it's revised.
17:16:45 ok
17:16:56 except if you are really curious, in which case feel free to check the thread
17:17:21 I also started a thread on further hires on the network team, based on some discussions during the dev meeting
17:17:39 received some good feedback so far. some nickm feedback would be great as well :)
17:17:49 oh yeah, we are basically waiting on Erin I guess?
17:17:53 ah is it?
17:17:55 ok
17:18:07 hrm considering last email... not sure :S but could be
17:19:14 EOF on my part
17:19:24 I was looking into https://pad.riseup.net/p/profiling-tor with nickm and Sebastian and this week I'll look into what debug symbols are needed and in which package they are. Also I'm going to look into other profiling tools for linux. That's it for me.
17:19:47 asn: wrt client auth, I also wonder if there's some awesome crypto trick we haven't thought of because we're not cryptographers.
17:20:18 femme: cool; thanks!
17:20:57 update: i'm in the thick of #19878 right now; there is a lightly refactored #19858 awaiting 2nd-round code review
17:20:59 nickm: perhaps there might be.
17:21:36 athena: could you stick your in-progress #19878 online someplace? I'm trying to stay up-to-date with how we're structuring it.
17:21:56 nickm: it's also a tradeoff between seeking new innovative solutions, and figuring trivially-correct stuff quick so that we can move with development.
17:22:05 asn: Do we have any people who use this stuff actively? It would help to know what the usecases are
17:22:09 asn: that's fair enough
17:22:51 i've talked with people who use this stuff, and... they use it. all of them with less than 50 authed people.
17:22:55 people even use stealth auth
17:23:04 and IIUC the prop224 does not offer stealth auth option.
17:23:18 IIUC it's all stealth auth, if I understand the use case.
17:23:18 nickm: sure, will do
17:23:32 athena: cool. looking forward to it. Today ok for that?
17:23:37 think so
17:23:51 nickm: I think the current prop224 solutions cannot be isomorphic to stealth auth
17:23:57 hm.
17:24:05 nickm: because even with prop224 auth enabled, revoked people can still fetch the descriptor (even if they can't decrypt it)
17:24:11 and hence they can learn HS presence
17:24:17 but i need to think some more about this.
17:24:23 this logically splits into two parts: tracking the sampled_guards at all (which is what you need to see for #19879), and load/storing them
17:24:25 Do you know if they'd want more than 50 users if tor supported that well?
17:24:54 nickm: prop224 stealth auth? i dont know if people would want that with more than 50 users. i think providing the current functionality as is (restricted to 16 users), might be sufficient.
17:25:06 stealth auth, or auth in general
17:25:20 also, do you have a sense of how often the admins want to change the list of authorized users?
17:25:26 i think providing normal auth for > 50 people might be useful. and i think it's possible.
17:25:41 nickm: good question. im not really sure how often revocations happen.
17:26:00 Knowing that would also be helpful in figuring out our possible solution space
17:26:00 we could ask on tor-onions@/tor-relays@
17:26:12 in theory, if these things can happen using the control port, people can make scripts and such, and have their userbase be dynamic and quickly changing.
17:26:16 nickm: agreed.
17:27:12 dgoulet: perhaps that might be a good idea
17:27:32 (I think we've moved to discussion time, but anybody who's around should feel free to chime in with a status update!)
17:27:37 yes sorry about that.
17:27:50 thanks for having a good topic to discuss!
17:28:33 I have a status update/discussion topic. First, looked very briefly into profiles (thanks femme for the help) of a cpu-starved relay
17:29:27 my discussion point is the tor-security list where I'm on, but read somewhere that I'll probably be taken off or something. I'm fine with that, but process-wise it would've been neat to let me know or something. Are the plans there finalized?
17:30:03 I don't think there are final plans, and I don't mind having a few more people on that list.
17:30:18 I also think that, if it's not a dumb idea, we should figure some way to allow network-team to do encrypted stuff
17:31:04 nickm: yes that is also on my plan to make it work btw
17:31:26 Sebastian: did that answer your question?
17:31:32 I guess we are good on the security policy as we should put it somewhere "official" ?
17:31:43 mostly, when will it be done? :)
17:31:52 Do we have a policy adoption policy? :)
17:32:03 nickm: enough +1 on tor-dev@ ? :D
17:32:17 ok, I'll send to tor-dev@ for comment and flamewars. :)
17:32:50 Sebastian: on my part (Schleuder) I really have no ETA but it's on my "get done shortly" list
17:33:09 nickm: well we did already multiple back and forth so I'm sure we can start with it and improve it as we go anyway
17:33:13 but yeah for now there are 3 people there
17:33:32 (and I need an answer also on the GPG key situation for that list :S)
17:33:39 so yeah action items on that ML
17:33:53 I would be okay with more people there. And I would *definitely* want a way to forward stuff from there to network-team.
17:34:07 dgoulet: sorry, what's the question? or too complicated to explain?
17:34:08 dgoulet: sounds great, thanks
17:34:09 yes I agree on that
17:34:28 nickm: my last reply to the thread is about the GPG key for that list that Schleuder needs
17:35:00 I would say "you should generate one, it will be fine" .
17:35:12 ack
17:35:26 +1
17:36:04 I have a question: Does everybody who would like access to coverity scan have it?
17:36:31 (There are currently 3 resource leaks in the unit tests, and a bunch of false positives that are closed as such.)
17:36:47 nickm: i don't have access there
17:36:56 I totally recommend having access
17:36:58 feel free to add me to the coverity list asn@torproject.org
17:37:00 it's very enlightening
17:37:00 asn: if you request access, I will approve.
17:37:09 let me see if I can do.
17:37:12 * dgoulet has access
17:37:51 there is something else I would like to ask that I think we can decide in few seconds :)
17:37:57 I would want access and would like to work on unit tests and keeping an eye on them
17:38:10 ah, I can invite you
17:38:17 dgoulet: go for it!
17:38:46 about our Gitlab, no reply on the thread so I would like to move this forward and thus I assume everyone is fine with what I said there? :)
17:39:07 +1
17:39:08 asn: I just invited you
17:39:08 which was in a nutshell: Let's start with the Community edition and plug it to our LDAP
17:39:12 sure
17:39:17 nickm: thank you
17:39:38 ok great, no objection woot!
17:40:11 I think gitlab is a great idea
17:40:27 femme: wrt adding you to coverity, I've known you less long, though you do seem like an excellent and honest person.
17:40:44 so I could add you as an observer, or somebody could vouch for you, or ...
17:40:56 we could do this again in a few months?
17:41:08 dgoulet: no objection here
17:41:15 Yeah, the former or latter is fine
17:41:17 (This stuff is potentially security-sensitive, so need to be a little paranoid. Apologies!)
17:41:28 send me a preferred email addr then?
17:41:56 * dgoulet has another item :D (again probably quick)
17:41:57 dgoulet: I have no objection. We're talking about using it for code review for now, right?
17:42:02 nickm: yes
17:42:10 dgoulet: fine by me then
17:42:19 No need for apologies, I just was reading the website and thought about the security implications and would have asked about different access levels because I obviously don't need (want) anything mission critical
17:42:40 ack
17:42:43 last week I did set some magic dates here: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam#Calendar:
17:42:45 dgoulet: if you need help with schleuder or gpg, i'm happy to try to help
17:42:54 are we ok with those? (especially nickm :)
17:43:15 femme: in any case, if you send me an email addr, I'll add you as an observe.
17:43:17 isis: ah good to know, I'll give it another shot soon and see if I need to summon your help :)
17:43:20 *observer
17:43:47 dgoulet: I think I'm okay with those as a draft....
17:44:01 so like "let's try it" kind of thing?
17:44:06 dgoulet: though the release today just can't be an rc.
17:44:12 the next one can be.
17:44:23 nickm: ah yes it should be "Feature Freeze" actually
17:44:25 ok
17:44:49 also I'm less clear why this time we're doing a one-month freeze window and the next 2 releases get a 3-month freeze window ?
17:45:11 030 is 3 months merge window
17:45:22 029 I didn't consider it as we are kind of starting after it?
17:45:27 right. why?
17:45:29 ah.
17:45:34 Sure, let's try it this way.
17:46:25 cool
17:46:27 any other topics for today?
17:46:47 One thing I could really use is feedback on the changelog for 0.2.9.4-alpha, if anybody has time.
17:46:57 oh, one more thing actually
17:47:02 go for it!
17:47:37 People (ln5) have reported that more recent versions of Tor are much worse off in terms of reconnecting when IP addresses change
17:48:04 this might be a reason why nathan is reporting that there are many Tor issues on mobile lately
17:48:28 Anyone have an idea for a change that might have caused this? Maybe we can get ln5 to bisect if we give him a couple of candidates
17:48:58 Hmm. I'm afraid I don't know offhand.
17:49:12 Is this an 0.2.7->0.2.8 thing? an 0.2.8->0.2.9 thing?
17:49:38 I think 0.2.7 -> 0.2.8, but I'd need to ask ln5 or check backlog (and backlog is probably hard to find)
17:50:03 If we could isolate it even to 0.2.7->0.2.8 that would be a good start for guessing where.
17:50:19 another topic: i was wondering how much we're against changing NTor
17:50:39 also, i think it's 0.2.7 → 0.2.8
17:50:53 isis: do you mean, adding an ntor2 for use with PQ crypto?
17:51:00 ah found it
17:51:01 isis: or do you mean, adding an ntor2 to completely replace ntor
17:51:04 but ln5 didn't mention a version
17:51:07 ln5: ^ :)
17:51:27 nickm: both? but at the very least option #1
17:52:04 I would want it to have security proofs at least as good as those from the first ntor.
17:52:35 because john needed to change some things to get the hybrid handshake security proof to work out nicely, but then there were more things in the original which were messy/wrong/bad
17:53:01 i think i can make the proofs better than the original
17:53:36 Sebastian, ln5 : I would _suspect_ the fixes for #17950 or #17951, without thinking too hard about it?
17:53:43 Sebastian, ln5 : But I should could be wrong.
17:53:53 isis: then, no objections.
17:54:01 do i need to do that, or is ian's "yeah those changes are improvements" tacitly okay?
17:54:03 isis: sounds good
17:54:15 While your're at it, did you know there's an ntor variant in prop#224 ?
17:54:18 *sp
17:54:39 nickm: i had just recently learned that… is there somewhere i can see the changes?
17:55:09 section 3.3.2, NTOR-WITH-EXTRA-DATA
17:55:20 okay, will review
17:55:23 thanks!
17:55:26 I'm afraid there isn't a clear diff however.
17:55:38 isis: I would like to see the proofs and would be willing to proofread/edit too
17:55:44 more topix?
17:55:46 before the release*
17:56:26 nothing more on my side
17:56:34 we have 4 minutes before the next team's meeting. So then, let's sign off!
17:56:42 further discussion on #tor-project.
17:56:43 thanks, all!
17:56:45 #endmeeting