17:00:08 #startmeeting weekly network team meeting 17:00:09 Meeting started Mon Apr 3 17:00:08 2017 UTC. The chair is nickm. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:00:09 Useful Commands: #action #agreed #help #info #idea #link #topic. 17:00:10 hi all! 17:00:16 hello meeting 17:00:18 hello 17:00:28 o/ 17:00:34 hi 17:00:49 So, in AMS, somebody (komlo?) suggested that it might be a good idea to parallelize our status updates, and get our meetings done faster. 17:00:55 hi there 17:01:09 The idea is that we all write on a pad, then we all look at each other's updates and ask questions, and then we're done with status updates. 17:01:19 Any objections? Any pad preferences? 17:01:34 asking questions on the pad? .. 17:01:36 I'll send it to tor-project when we're done 17:01:41 Q&A here I think? 17:01:51 riseup ok? 17:01:57 nickm: pad.riseup.net is good yes 17:02:01 volatile but good 17:02:04 works for me. i keep my notes in a file, so a pad is fine. wont have to turn it into an IRC line then :-) 17:02:08 Hi everyone !!! 17:02:10 hihi 17:02:24 hello people 17:02:56 https://pad.riseup.net/p/z7kkzmQJvBX5 17:03:14 hi or something 17:04:09 hi Yawning 17:04:18 we're doing updates in parallel at https://pad.riseup.net/p/z7kkzmQJvBX5 17:04:29 hi! 17:04:34 (fwiw, i usually use etherpad.mozilla.org . it works faster for me. that's for next meeting.) 17:04:45 * asn writes report 17:05:07 * karsten is here to get possible input for the metrics team. 17:05:21 Am I eligible to add my name to that doc ? 17:06:53 haxxpop: please do so 17:07:13 * Samdney lurks, too :) 17:07:36 * isabela back! 17:07:40 hi isa! 17:07:45 see pad link above 17:08:27 doing it 17:08:41 catalyst: feel free to ask me questions about PT stuff. i used to do that stuff long ago, and might still be able to help with things. 17:08:55 asn: thanks! 17:09:10 dcf has been doing good work this week wrt PT spec 17:09:29 "Sorry, you have to enable Javascript in order to use this." 17:09:36 I fucking hate pads 17:09:41 catalyst: one category of 0.3.1.x milestone bugs you might not have thought of working on: there are some needs_revision bugs that have just had their users disappear 17:09:59 oh well, yolo 17:10:03 nickm: ok is there some tag we should use for them? 17:10:14 catalyst: no. we could make one up? 17:10:19 ok 17:10:26 revision-stalled ? 17:10:30 hi, sorry i'm late, joining pad 17:10:41 (also yay parallelisation) 17:10:47 hm, ok, so my "last week" is "since last meeting" 17:11:24 asn, dgoulet, isis, hdevalence: Can I trust that if I ignore all the ed25519 AONT/blinding/clamping discussion, a conclusion will be reached some time? 17:11:34 yes i plan to reach a conclusion 17:11:42 nickm: yes 17:11:44 you can ignore, but i might ask you something at some point. 17:11:57 (no idea what yet, but your expertise/opinion might be needed) 17:12:56 pastly -- tried to take a shot at answering your questions 17:13:18 Sebastian: is the rust linkage safely behind an --enable-rust ? 17:13:19 catalyst: btw do you know about this mailing list: https://groups.google.com/forum/#!forum/traffic-obf ? 17:13:23 if so I'd be happy to take it RSN 17:13:47 catalyst: this thread specifically is quite timely: https://groups.google.com/forum/#!topic/traffic-obf/LWT_3sOrBJk 17:15:13 * dgoulet has a discussion point 17:15:14 asn: ok, thanks! so the next rev of the PT spec is currently being drafted? 17:15:23 catalyst: apaprently 17:15:25 dgoulet: let's collect bigger discussions near the top? 17:15:27 it's shit and awful though 17:15:35 nickm: oh didn't notice, good thx 17:15:52 catalyst: not sure. dcf would know more. 17:15:56 It's a work in progress. some parts are ok 17:16:00 (curate's egg) 17:16:09 sometimes we need to work on things to fix them 17:16:28 there's a thread on tor-dev about it 17:16:31 the mailing list 17:16:31 catalyst: i can share reports on the work that has been done on PT last year (specs and follow up that we had after discussions with the rest of the community) 17:16:44 catalyst: I manage the PT 2.0 draft specification process, if you have any questions about that. https://www.pluggabletransports.info/assets/PTSpecV2Draft1.pdf 17:16:46 but, not my circus, not my monkeys 17:17:00 blanu: do you have a timeline? 17:17:15 A timeline for what specifically? 17:17:36 Draft 2? WHen you want comments? When you intend to finalize? When you'll put it in a nice txt format instead :) 17:18:29 isis: is there a draft of the paper/design-spec online, or is that not public yet? 17:18:54 mikeperry: what did you talk to ietf about? 17:19:07 (I'm going to +1 Yawning on mild dislike of the pad.. I like the pre-writing of updates, but ideally each person's pad contents would be pasted here, IMO. some people probably use the meetbot archives for information, and pads expire but meetbot logs do not. I'm not also confused when we shoudl talk about each person's work items) 17:19:28 nickm: it's not public yet, but i can give you what we have so far, or give you access to the repo 17:19:36 i'll wait till it's more visible 17:19:40 ok 17:19:46 got enough public stuff to review already 17:19:52 I talked about Tor's view of privacy and traffic analysis for encrypted protocols. I gave an overview of our network and application-layer threat models, and then talked about various research into traffic analysis attacks and defenses 17:19:59 including prop#254 17:19:59 it's coming along nicely :) 17:20:03 maybe we could make the new format such that people try to have their status reports ready *before* the meeting begins? 17:20:07 I think all the comments are in at this point. I expect to make a new draft in the next month. Everything in PT 2.0 draft 1 has been implemented already, so hopefully we will reach consensus on the details in draft 2. 17:20:17 the invite tokens are only 32 bytes, i thought i would need to make them much larger 17:20:44 blanu: well, implemented in one tool. not implemented in tor or anywhere else, right? 17:21:00 you can't just say "I implemented it, you need to be compatible, it's done." 17:21:15 If that worked, then we could say "we implemented it, everybody be compatible" and there would be no pt 2.0 discussion :) 17:22:16 oh right, i talked to some rustlang devs, and there are some important notes: 17:22:22 mikeperry: It's working pretty well from my POV, but let's see how it turns out. I'm planning to solve the persistence issue by sending this to tor-reports^Wproject 17:22:24 Right so what David Fifield said is that he would not be interested in finalizing the spec until everything in the spec had been implemented in code, so that we could find problems with the spec. This is in fact what happening during implementation, so all of this discovery is going into draft 2. So implementation was a requirement for finalization. 17:22:48 nickm: i think vegas team should have a moment of update sharing that is like twice a quarter instead of folks sitting on meetings 17:22:53 1) they are happy to have calls/meetings with us to take feedback and ideas and wishlist items 17:23:10 nickm: this way we might be able to fix the problem for more stuff beyone network knowing what others are up to 17:23:13 isis: are we ready to give feeback for them yet, or should we gather more experience 17:23:35 2) people doing rust stuff should maybe join #rust on irc.mozilla.org 17:24:03 blanu: so, if I commented on the draft 1, woudl that be useful, or should we just assume that draft 2 will happen on its own? 17:24:12 nickm: i think sebastian has a few ideas, but overall the feeling was that we'd wait a few weeks to get a better idea 17:24:22 makes sense 17:24:33 hmm… there was something else 17:24:36 nickm: yeah, I'm with Isa on the rotating roles btw. as I said in the retrospective (I dunno if you heard me?) it just screams being symptomatic of a lack of proper org coordination 17:24:42 oh right 17:24:48 it's also classic n^2 communication inefficiency 17:25:06 I'm happy to do some other thing instead if Tor as an organization can get its act together 17:25:07 3) they can prioritise stabilising things for us, potentially 17:25:29 but I'd rather we try to fix stuff now, make mistakes, get messy, etc 17:25:30 nickm: Comments on draft 1 are welcome. A draft 2 is for sure happening, and comments will be welcome then too. I will definitely post draft 2 on tor-dev as soon as it is available. 17:25:39 cool. Got a timeline? :) 17:25:45 all of this is rust things is going to be optional for the forseeable future right? 17:25:49 nickm: i sent a proposal about it 17:25:52 isis: i think it was mentioned shortly during the memory safe implementation discussion: a roadmap for a tls stack? 17:26:01 it's a pretty big thing though 17:26:04 isabela: ack, and I don't know when it'll happen. 17:26:14 nickm: if it is temprary, that's fine. but just wanted to make sure we realized it as such 17:26:17 as in, "you get a fully functional tor binary without a rust toolchain" 17:26:17 if we want, for rotations this week, we can _not_ do liaison with other team 17:26:43 ahf: oh, that is a good request, also ouch that is painful 17:26:46 Yawning: plan is to make rust optional till it works everywhere, or till we are happy throwing out every place where it doesn't work 17:26:58 ahf: i think the answer right now might be "use ring"? 17:27:10 isis: yep, it's a very big task. hannes did it though for ocaml :-P 17:27:23 isis: i'm not past reading what is on rust's official website yet, so i don't know what ring is :/ 17:27:25 do we have more questions for each other wrt stuff on the pad? 17:27:31 ahf: "ring" is sorta like boringssl 17:27:35 Tier 2 platforms can be thought of as “guaranteed to build”. 17:27:38 ack 17:27:42 that list is very large 17:27:48 the Tier 1 platform list is very small 17:27:52 isabela: i'll happily help out with sponsor4 status report too! 17:28:04 ahf: Sebastian: komlo: do we have a place yet for organising rust stuff/questions/etc? 17:28:12 ahf: awesome! i will reach out off meeting then 17:28:16 sorry I am back, I had a connection issue, gonna read up 17:28:31 isabela: yep 17:29:03 so, discussion topix on or not/on the pad? 17:29:14 nickm: the configure switch is not yet implemented but easy to add 17:29:24 this is not merge-ready. But not that much more work. 17:29:32 ahf: yep, what nickm said. ring is just wrapping boringssl's assembly implementations 17:29:33 Sebastian: that would be the main thing blocking a merge IMO 17:29:50 We have a ton of eyes on us 17:29:56 "off-by-default" excuses a multitude of sins 17:30:01 isis: cool! 17:30:17 oh also some C in there, iirc (i'm not very familiar with boringssl, tbh) 17:30:23 we should be sure to document that rust MUST NOT be required in current code; that integration is experimental, etc: or else we'll get patches we can't take 17:30:49 hehe @ "off-by-default" excuses a multitude of sins 17:31:15 dgoulet: wrt your question on "new dirauth in 030 stable" -- when the directory authorities take the new dirauth and it starts voting, then all releases are potentially patchable to include it 17:31:15 isis: oki, i hope their tls state machine isn't assembly :-P 17:31:28 dgoulet: plausible? 17:31:30 And we know a bunch of stuff that we can still do better 17:31:40 alex, chelsea and I are working closely on this 17:31:53 nickm: right yes so it's not a hard requirement to make it for 030 stable basically? 17:31:55 so I'm pretty happy. And yeah, definitely no dependency on Rust. 17:31:56 Sebastian: ok. just remember not to let the perfect be the enemy of the good 17:31:58 dgoulet: right 17:32:04 nickm: we'll just release 030.1 after if needed 17:32:05 nickm: yep. 17:32:08 nickm: ack 17:32:20 We have some nice contacts with the Rust community too. 17:32:23 ahf: it's google-funded, what could go wrong? 17:32:24 so wait 17:32:28 ¯\_(ツ)_/¯ 17:32:33 isis: :-P 17:32:35 ahf: (kidding) 17:32:39 :) 17:32:41 if I write patches to allow modern C++ linkage to tor, hidden behind a feature gate 17:32:50 can I use my pet language of choice too? 17:33:14 Yawning: that was my first line at memory safe language discussion :-P 17:33:28 i said it as a joke though 17:33:28 Yawning: I'm sorry you weren't in Ams. We had a lot more consensus than anyone's pet language 17:33:59 Sebastian: I'm being somewhat facetious 17:34:11 I would totally maintain this as a fork if I was the only one wanting to do it. But without komlo and ahf I wouldn't even do anything. 17:34:13 the whole session was very focused and here the focus wasn't on the language itself. some problems with go was mentioned especially when it comes to using go in a C codebase 17:34:38 ahf: well, yeah, because cgo is terrible and scales/performs like crap 17:34:41 ok I think that grammar made no sense 17:34:51 where rust seems to not have that problem - and it seems like we have a lot of people who dig rust too. GeKo had a very good point during the meeting that the browser team will need in-house knowledge of rust in a bit over a year as well 17:35:11 from the perspective of someone who wasn't there 17:35:17 while the notes claim it wasn't about the language 17:35:20 the feeling I'm getting is 17:35:26 "So yeah, basically Rust" 17:35:32 got a preferred alternative? 17:35:41 maybe it'll suck once we've tried it for a while 17:35:48 that's memory safe, with sufficient platform support? 17:35:50 I'm trying hard to make sure that we don't merge anything we can't back out 17:35:56 I don't think anything exists 17:36:01 So, yeah. 17:36:04 rust's platform support is unacceptable to be mandatory 17:36:05 basically, rust. ? 17:36:08 no 17:36:27 well, not making it mandatory yet 17:36:32 either it will work out, or not 17:37:03 right, the important thing is that this is just an experiment 17:37:04 well, isn't that something where we could use isis' contact to the rust community as well if this is a concern: rust should be available on at least *bsd, linux, windows, irix, ... ? 17:37:12 yep 17:37:15 ahf: https://forge.rust-lang.org/platform-support.html 17:37:41 do we have an official prioritized platform support list? 17:37:46 if it doesn't work out perfectly, the worst that happens is that some of us know more rust (and thus can help more with TB work) 17:37:52 catalyst: no; every time I've tried to make one, somebody flames me 17:37:57 catalyst: could try again :) 17:38:09 or could forward my last attempt somewhere more public 17:38:25 I'm jsut dreading the day when 17:38:31 y u no support irix 17:38:33 Yawning: that list is more positive than i expected, but yeah, catalyst's question is good 17:38:38 I need to write the same code in multiple languages 17:38:42 nickm: yeah people will complain no matter what you do along those lines 17:38:58 ahf: that list is utterly terrible, because tier 2 support is "it compiles" 17:39:12 if you keep pushing on the "our resources are finite" angle people will probably eventually get the message 17:39:22 catalyst: no, they just keep flaming 17:39:37 but anyway I'll stop now 17:39:47 Yawning: that sounds like a forum moderation issue to me 17:39:54 we'll never please the guy who thinks we should still support win98 :) 17:39:59 what moderation 17:40:03 maybe we should take a rust session after the other parts of the meeting? 17:40:09 yeah, seems smart 17:40:11 we have 20 min. left before another team pops in, no? 17:40:27 yeah, let's try to get through the meeting 17:40:51 next thing: gsoc apps should be in now IIUC. anybody who might mentor anything should take a look over the next few days 17:41:10 we'll ask students some questions, try to reach consensus about what we have the resources to mentor, etc 17:41:20 cool. where can we see the applications? :o 17:41:35 ahf: atagar usually e-mails a list 17:41:41 after they're all in 17:41:54 atagar usually coordinates the logistics for us, but he might not mind help 17:41:56 (I have no idea) 17:42:05 ack! 17:42:07 at least, that's what happened in previous years 17:42:14 i think i was emailed an application directly, should i ask them to resend to tor-project@ ? 17:42:35 isn;t there like 17:42:39 "send it to google" 17:42:47 yeah 17:42:49 that's part of the procedure 17:42:51 it must go through google 17:42:59 and mentors must be signed up with google 17:43:03 yeah 17:43:10 which is why I can't mentor anymore 17:43:11 otherwise we won't get the spot so the student doesn't get paid 17:43:12 another topic: for putting out 0.3.0.5-rc -- if there is anything that should be fixed by 0.3.0 stable which isn't fixed yet? Looking at the milestone, I think I'd be fine with not doing any of that stuff 17:43:30 because google locked my yawning@tpo email account 17:43:38 (re gsoc timeline: https://developers.google.com/open-source/gsoc/timeline ) 17:43:50 application deadline seems to have been 104 minutes ago. 17:44:02 (So, I hope the student applied to google) 17:44:53 ah. 17:45:22 nickm: anything around the release that you would like help with? i have my prop #278 stuff that i want to have out of the door now, but would still like to get a bit more into some of the "daily" duties that we might have from time to time. 17:45:30 nickm: nothing comes to mind about 030.5 17:45:44 here are the 030x-final tickets https://trac.torproject.org/projects/tor/query?status=!closed&group=status&milestone=Tor%3A+0.3.0.x-final 17:46:15 ok. If you think of anything please let me know 17:46:57 re rotating roles: Let's skip liaison this week, and sign up for stuff for maybe the rest of the month, if that's not too much to ask? 17:47:12 i can do bug triage this week 17:47:13 nickm: liaison or/and observer? 17:47:24 dgoulet: I forget what we called them 17:47:31 ahf: great 17:47:33 TBB observer, UX Obs, and so on 17:47:55 nickm: i never received the invitation to coverity. i think something might be odd between you and me when it comes to email :/ 17:48:15 ahf: I had it go to ahf@torproject.org . Shall I try another address? 17:48:18 im confused 17:48:28 serves me right for not traveling I guess 17:48:35 nickm: try ahfaeroey@riseup.net maybe :/ 17:48:40 tryhing 17:48:42 *sp 17:48:44 Yawning: the goal should be to not have you feel that way 17:48:52 it's fine 17:49:00 Yawning: let us know how to clear it up? 17:49:05 tor browser meeting in 11 minutes 17:49:23 let's add ourselves to rotations over the next hour or three, so we don't all collide 17:49:32 (need a better algorithm) 17:49:39 ahf: sent 17:50:03 nickm: everyone try at once, and then randomized backoff, is a perfectly fine way to solve contention :P 17:50:06 nickm: cool, will check in a second 17:50:16 Yawning: it's time-honored, to be sure 17:50:16 ;) 17:50:22 ahf: shall we try to meet tomorrow to talk about sponsor4 and metrics? 17:50:28 so, we skip figuring out the other rotating duties this week? 17:50:36 karsten: yes, i've written that down on my list - that would be good 17:50:51 err, let's skip figuring out the "observer" stuff 17:50:51 karsten: i'm online from around 11 o'clock CEST 17:50:54 and try to do the rest 17:50:58 sound ok? 17:51:10 ahf: sounds like a good time. will be here at 11 CEST. 17:51:22 karsten: cool! 17:52:03 any more for the next 8 minutes? I see somebody added "we didn't do 031 triage"; I agree we didn't. Should we make a plan to handle that here? 17:52:51 is that to triage stuff into or out of 0.3.1? 17:52:55 in and out 17:52:56 out of, I hope :) 17:53:21 yes let's come up with a date/time for triage 17:53:39 maybe we can start one hour earlier next week? O_o 17:53:42 Would somebody volunteer to circulate a doodle poll? 17:53:48 asn: for this meeting? 17:54:01 yeah, and do the triaging in the extra hour 17:54:13 +1 on that 17:54:45 i don't mind moving the meeting to earlier 17:54:54 propose that on the ml, see if anybody objects, and circulate a doogle poll if so? 17:55:09 (I know that the west-coast-USA people already find this meeting time unpleasantly early) 17:55:23 yep.. 17:55:26 ahf: Would it ok for you that I join your meeting with karsten? 17:55:31 really 10am is late? :P 17:55:31 it's nice having it at 10am now, i'll say that 17:55:52 maybe let's have another poll then 17:55:54 Samdney: yes, it's fine - we'll be walking over what some of the sponsor4 does and how it might impact some assumptions the metrics team have :-) 17:56:06 great :) 17:56:07 Samdney: 11 CEST here tomorrow :-) 17:56:08 ok. 4 min left. more for today? I'll send the tor-project@ email 17:56:21 * dgoulet is good 17:57:04 good here 17:57:05 ok. thanks, everybody! 17:57:07 #endmeeting