16:15:53 <shelikhoo> #startmeeting tor anti-censorship meeting 16:15:53 <shelikhoo> here is our meeting pad: https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469 16:15:53 <shelikhoo> feel free to add what you've been working on and put items on the agenda 16:15:53 <shelikhoo> the read-write link for meeting pad can be requested via direct message 16:15:53 <MeetBot> Meeting started Thu Apr 18 16:15:53 2024 UTC. The chair is shelikhoo. Information about MeetBot at http://wiki.debian.org/MeetBot. 16:15:53 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic. 16:16:11 <meskio> hello 16:16:13 <theodorsm> Hi:) 16:17:03 <onyinyang[m]> Hello! 16:17:05 <shelikhoo> I see I was the one hosting the last meeting in absentia 16:17:10 <shelikhoo> in the pad 16:17:29 <shelikhoo> so maybe I should actually host it this time 16:17:47 <meskio> :) 16:18:38 <meskio> I'm a bit lost on who's turn it is, but I think I did host the last one 16:19:06 <shelikhoo> we should have something like a queue in the pad 16:19:27 <shelikhoo> and once someone hosted the meeting, will be move to the tail of the queue 16:19:51 <shelikhoo> and the first one available in the queue will host the meeting 16:20:10 <meskio> I think that was the idea of the 'Facilitator/this week facilitator', but I think is confusing 16:20:20 <onyinyang> the queue is already sort of there, since there's only 3 of us >.< 16:21:23 <shelikhoo> yes, it is more clear to make it explicit, since the mental queue was immediately corrupted when someone afk 16:21:42 <meskio> I think you should give it a try to improve it 16:21:55 <shelikhoo> yes! 16:22:04 <shelikhoo> anyway, let's start the discussion 16:22:12 <shelikhoo> Latest snowflake addon reviewer feedback requires a consent prompt for the collection of personal data 16:22:12 <shelikhoo> https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/89 16:22:21 <shelikhoo> I think this is from cohosh? 16:22:30 <cohosh> i must have added it a few weeks ago 16:22:36 <cohosh> it's been implemented now 16:22:53 <cohosh> the good news is, our extension is back on the mozilla addon store :) 16:22:55 <shelikhoo> yes, I see there was email about new signature required 16:23:05 <shelikhoo> yes, I see there was email about new signature format required 16:23:25 <meskio> \o/ 16:23:31 <cohosh> right, i want to upload a new version soon anyway and can take care of that then 16:24:38 <shelikhoo> yes... thanks for taking care of that! 16:24:45 <onyinyang> yay! 16:25:03 <shelikhoo> I will move to interesting link part 16:25:06 <shelikhoo> Snowflake support in Greatfire Envoy (using their own proxies and bridge as I understand) 16:25:06 <shelikhoo> https://github.com/greatfire/envoy/pull/63 16:25:31 <dcf1> Envoy is a library that implements a bunch of circumvention techniques 16:25:44 <dcf1> Including meek and Snowflake 16:26:30 <dcf1> When I learned that there are third-party users of Snowflake, I thought that perhaps it could explain some unexplained features in our graphs, such as when we see a sudden recovery of users on snowflake-02 after a domain fronting change for example 16:26:51 <dcf1> But my current understanding is that Envoy is using its own bridge and its own proxies, which is interesting in itself 16:26:59 <dcf1> I'm planning to get in touch with them to learn more 16:27:14 <meskio> ohh, interesting, are they using it without Tor? 16:27:19 <dcf1> I think so 16:28:56 <shelikhoo> It was nice to see snowflake getting more adoption 16:29:02 <meskio> yeah 16:29:28 <shelikhoo> although the fragmentation of proxy pool seems inevitable 16:29:38 <dcf1> I also learned that Lantern's snowflake-like has a badge on the front page of China Digital Times https://chinadigitaltimes.net/ 16:30:11 <dcf1> I don't know, Lantern has told me they designed their proxy pool to be reusable, perhaps there is a way for multiple projects to share one pool of proxies. 16:31:19 <shelikhoo> yes, I hope that will be true one day 16:32:06 <cohosh> oh cool, is the globe a visualization of where connected clients are? 16:32:19 <shelikhoo> yes, it is 16:32:40 <shelikhoo> they showcased that to me in person 16:32:55 <shelikhoo> about that globe displaying where is the client 16:33:47 <shelikhoo> anything more we would like to discuss about this topic? 16:34:12 <meskio> not from me 16:34:16 <shelikhoo> "Snowflake Anonymous Network Traffic Identification" January 2024 16:34:16 <shelikhoo> https://link.springer.com/chapter/10.1007/978-981-99-9247-8_40 16:34:16 <shelikhoo> Research from China, too recent to have been referenced in the Snowflake paper 16:34:16 <shelikhoo> Corresponding author Xu Dawei also has a paper on secure rendezvous using a blockchain https://link.springer.com/chapter/10.1007/978-3-031-15777-6_14 16:34:30 <shelikhoo> any summary about this paper 16:34:32 <shelikhoo> ? 16:34:37 <dcf1> I found this paper randomly, I haven't read it yet. 16:34:45 <dcf1> I'm going to try to get a PDF today. 16:35:10 <shelikhoo> okay, maybe we can have a look and have a discussion about it soon. 16:35:27 <meskio> :) 16:35:47 <shelikhoo> I have learnt not to comment on a paper without reading it in full.. 16:36:05 <shelikhoo> anything more we would like to discuss in this meeting? 16:36:16 <cohosh> does anyone remember what IP address assignment scheme we settled on for bridges with local addresses? 16:36:29 <cohosh> i was looking through old meeting notes but couldn't find the discussion 16:36:37 <dcf1> theodorsm: there's an issue that maybe could benefit from your attention: tpo/anti-censorship/pluggable-transports/snowflake#40357 16:36:53 <dcf1> theodorsm: you more than anyone would be in a position to know whether there is DTLS 1.3 in the wild 16:37:16 <cohosh> this is for bridges like meek and snowflake where we give an address in the 192.0.2.0/24 range 16:37:19 <meskio> I did close this issue, but happy to reopen it if we want to work on it 16:37:40 <theodorsm> 1.3 support is not being worked on AFAIK in the Pion lib 16:37:40 <dcf1> meskio: I think it was appropriate to close it. But theodorsm might have some insight. 16:38:17 <theodorsm> I don't think there is a golang lib out there that supports 1.3 properly 16:38:46 <dcf1> theodorsm: my question is more whether current browsers support DTLS 1.3 16:38:58 <dcf1> If they do not, there's no point in Snowflake using DTLS 1.3 in any case 16:39:29 <theodorsm> Ahh, yes. Chromium kinda support it, but I haven't seen it being used. 16:40:00 <theodorsm> When I have captured webrtc traffic in chromium and firefox, I have newer encountered 1.3 16:40:02 <dcf1> cohosh: tpo/applications/tor-browser-build#40624 could be the lead you are looking for 16:40:40 <cohosh> dcf1: yep, that's it. thanks! 16:41:14 <meskio> we should document that somewhere in the team wiki 16:41:33 <cohosh> yeah i can take care of that when i update rdsys-admin 16:41:42 <meskio> thanks 16:42:06 <shelikhoo> yeah, I think as anti-censorship tool, we don't always wants to use something new, as it would make censorship more likely to block it 16:42:34 <shelikhoo> okay, anything more we would like to discuss in this meeting? 16:43:18 <meskio> not from me 16:43:20 <shelikhoo> #endmeeting