wiki:org/meetings/2014SummerDevMeeting/Roadmaps

Meeting goals

  • Remove administrative roadblocks to acquiring and administrating new infrastructure (build machines, etc.)
  • Fix contracting workflow
  • What is the decision-making process for Tor?
  • Who do I ask for direction on projects that need to be done?
  • Dog food plan for all TPO/TPI/TPC folks (or forks?)
  • Moritz would like to resume the discussion of Tor Europe.
  • Settle the differences between the company and the community
  • Central location for funding info: don't be a bottleneck!
  • Figure out the steps for obfs4 deployment.
  • Future of pluggable transports (upcoming pluggable transports, BridgeDB (?), tor improvements, etc.)
  • Make plans for hidden service performance and measurement project.
  • Future little-t-tor development features (single guard, hidden services, etc.)
  • Land patch in Instantbird
  • Define development roadmap and threat model for BridgeDB.
  • Determine how BridgeDB and new bridge distribution mechanisms are going to be funded.
  • Establish year 1 Sponsor Q milestones.
  • Bridging Tor and OONI.
  • Decide concrete directions for pluggable transport specification refactoring.
  • Better planning process for little-t-tor
  • Better understanding of Tor measurement needs; concrete technical ways to achieve the above
  • Moritz wants help automating deployment and monitoring of Tor relays.
  • OONI Q3/Q4 development roadmap
  • Complete OONI trajectory of how/where to go forward with deployment
  • Map out improvements to TBB bootstrapping usability
  • Hoping to get funding for Tahoe-LAFS native Tor integration.
  • We want to make clearer how people can contribute to Sponsor O.
  • Guides: which ones need update, translation, etc.
  • Get David Goulet committed to hidden-service development, and Yawning committed to pluggable transport development.
  • Decide if we hire harmony and what job they would do.
  • Mitigate global passive adversary threats
  • Fix user interface and web page and wikipedia.org
  • Make integration/testing plan for kernel/socket scheduling
  • Repair and strengthen friendship with focus on (unreadable) shared positive vision
  • To learn about the culture of this community. The people, the personalities. To understand.
  • Ensure Tor Browser Team members are all on the same page with respect to current and future funder deliverables and internal priorities.
  • Developers and trainers should have an open discussion about what Tor training covers.
  • Make sure nobody gets arrested.

Tuesday afternoon session led by Gunner

(o) means something was deemed important by attendees

Morale/safe workplace

  • Having more interaction and feedback from Tor people
  • I don't even know who are my co-workers
  • Building respect amongst team (oo)
  • Accept apologies and then move on; stop harboring bad feelings
  • We need to be civil to other orgs, because you never know who they talk to!
  • People don't acknowledge problems (o)
  • Tor feels hostile for conversations and lacks secure communications for everything
  • People surprisingly fired (oo)

Personnel

  • Four months without a contract (oo)
  • I don't know who is supposed to be working on what! (ooo)
  • Total lack of acknowledgement for situations currently impacting workers
  • Make all timesheets public, just like reports (o)
  • As a volunteer, I pick my coworker. As a contractor, not so much. How's that handled?
  • Where should I go when I believe someone is doing a bad job?

Sustainability/culture

  • We need to establish work-life balance guidelines
  • Demonstrate professional respect
  • No one mediates disputes (o)
  • Treat each other with kindness
  • Tor speaks English without common definitions, e.g.: "political"

Empowerment

  • Lots of responsibility without power to succeed in tasks (ooo)
  • People think they can do my job (o)
  • I need authority to get things done (I have the responsibility) (o)
  • There is no escalation procedure when people retain information
  • Getting help in prioritizing tasks

Vision

  • Political analysis is totally missing
  • No common vision shared (oo)
  • Is Tor a pure provider of technology or also a political animal? (ooo)
  • Sharing and discussing common vision for Tor related projects
  • Tor is impacted by our funders but we deny it.
  • Tor is fighting a proxy war for the U.S. government and is internally dishonest about this truth (o)

Project

  • We don't even use our own projects company-wide (o)
  • We meet too rarely and only talk about contracts but not the project
  • Tor lacks forensics for incident response but also emotional support for incident response.

Decision making/collaboration

  • Establish goal setting and achievement for entire team
  • Establish united leadership team -- goals of organization.
  • How can a meeting be organized without involving people who are on the ground? (o)
  • Create clear communication
  • Fix bottleneck of communication when conversation fails (oo)
  • Create structure for process -- human resources, hiring, etc.
  • A process for common cooperation is missing for virtually all tasks (ooo)
  • We need a hand-off process for important decisions or relationships.
  • Implement liquid democracy for deciding on issues.
  • Provide a safe space to deal with our security situation; e.g.: pwnage; e.g.: emotional issues.
  • Open a physical space for humans to gather to co-work.
  • We accept confines (?) that are constructs. We should define them and empowered (?).
  • All documents should be on an (.onion) intranet (ooo)
  • Provide fixed weekly time(s) for discussion/addressing issues and resolving decisions
  • Place human resource specialist on staff/board (oo)
  • Agree on psychosocial care professional selection criteria. (o)
  • Discuss everyone's deliverables internally so we can trade/organize better.
  • Solution for contractor hiring; deployment should be a separate function
  • Focus on intentional expectation setting with all staff/volunteers roles/compensation (o)
  • Prioritize early and proactive notifications of issues/status change for team members
  • Have a veto procedure for new people
  • Have an open legal advisory channel for all TPI folks.
  • Provide mediation on demand for conflict resolution (oooo)
  • Have someone say yes when we get offers of help.
  • Announce new contracts and their deliverables to spread knowledge on who is working on what and what to expect. (ooo)
  • Set goals for both contractors and employees that they can achieve and are measurable so they can know they have accomplished something (oooo)
  • Inform people beforehand that their contract is going to expire and renewed or not renewed. (o)
  • Delegate budget authority and associated decision making (ooo)
  • Collective and improved hiring/on-boarding contractor/employees process could be improved by adding more inputs (oo)
  • Resolve Tor's long-term vision and priorities to inform decision making (oooooo)

Roadmaps

Note: Please feel free to correct these items or annotate them with ticket numbers or other things. But please don't remove items, unless you really think you have to.

Core Tor

  • Plan circuit-scheduling implementation ideas, July 31, 2014, robgjansen/andrea/nickm
  • Teach developers shadow, July 31, 2014, robgjansen/nickm/andrea
  • Schedule 0.2.6, July 31, 2014, nickm/andrea
  • Finish trunnel (?) experiment, August 1, 2014, nickm
  • Merge global circuit scheduling patch, August 15, 2014, nickm/andrea/robgjansen
  • Review all pending Tor patches, August 30, 2014, nickm/andrea
  • Release 0.2.5, August 30, 2014, nickm/andrea
  • Test with all OpenSSL forks, August 31, 2014, ioerror
  • Implement v1 of single-guard, September 15, 2014, asn
  • Implement new identity-key design, September 15, 2014, nickm
  • Merge towelenee's GSoC code, September 30, 2014, nickm/andrea
  • Merge consensus-diff code from mvdan, September 30, 2014, nickm
  • Design client-side key pinning, September 30, 2014, nickm/andrea/?
  • Plan Tor side of Sponsor R, October 1, 2014, nickm/?/robgjansen/Aaron Johnson
  • Merge PT improvements as needed by PT team, October 15, 2014, nickm/andrea
  • Plan Tor side of Sponsor Q, October 15, 2014, nickm/?/Nick Hopper
  • Converge Rob's KIST patch w/ 9xxx, October 31, 2014, robgjansen/andrea/nickm
  • Design for consensus failure, November 15, 2014, ?
  • Correct weighted single-guard, November 15, 2014, asn/?
  • Freeze 0.2.6, December 1, 2014, nickm/andrea/?
  • Hire and onboard a new Tor developer, December 31, 2014, ??
  • Implement new hidden service design v1, January 31, 2015, asn/nickm/?
  • Write better system tests in/for Chutney, January 31, 2015, nickm/?
  • Design proposal for something eigenspeedy, Febuary 1, 2015, Nick Hopper?
  • Build better hidden service -> client feedback (proposal 229), February 1, 2015 or sooner
  • Get a test network running, March 1, 2015, ?/ln5/gamambel(?)
  • Release 0.2.6, March 1, 2015, nickm/andrea/?
  • Design for modular Tor, March 1, 2015, ?
  • Design more scalable relay family system, March 1, 2015, ?
  • Design better controller API for testing/inspecting relays, hidden services, directories, April 1, 2015, ?/Aaron Johnson
  • Design, safe relay-level hidden service statistics v1, (unreadable), June 15, 2015, Nick Hopper
  • Freeze 0.2.7, June 15, 2015, ?
  • Reach at least 50% test coverage in tor, July 1, 2015, ?
  • Design PQ handshake and key cascade, July 31, 2015, nickm/?
  • Full automatic integration tests with Shadow and Chutney, July 31, 2015, ?
  • Build DoS-resistance throughout tor, July 31, 2015, ?
  • Write good developer docs, first draft, July 31, 2015, ?
  • Decide whether and how to replace TLS, August 1, 2015, ?
  • Design/research hidden service reliability improvements, August 1, 2015, ?
  • Design new relay crypto, August 1, 2015, ?

TBB

  • Enumerate and categorize security slider levels, July 15, 2014, Mike (#9387)
  • Deploy existing Linux XPC shell tests, August 1, 2014, boklm (#12570)
  • Secure hosting for update archives, August 1, 2014, weasel?/erinn? (#12623)
  • Automate update package distribution, August 1, 2014, P.C. (?)/erinn? (#12622)
  • Deploy alpha with updater, August 15, 2014, mikeperry, GeKo
  • Initial UI for security slider, August 15, 2014, GeKo (#9387)
  • Persona test server, August 15, 2014, isis (#12193)
  • Rebuild and rebase for FF31ESR, September 1 (?), 2014, GeKo + patch owners (#12460, #12620)
  • Update patches for Firefox in Bugzilla, September 1, 2014, GeKo (#12619)
  • Deploy remaining Firefox tests, September 1, 2014, boklm
  • Review FF31ESR, October 1, 2014, mikeperry (#12621)
  • Switch to FF31ESR, October 31, 2014, GeKo
  • Sandboxing, October 31, 2014, mikeperry/erinn? (#5791, #4522)
  • Circuit and exit status reporting UI, October 31, 2014, Arthur Edelstein (#8641)
  • Apply mixed content blocking fix, October 31, 2014, mikeperry
  • Persona experiment.. (?) (captchas, blind signatures, etc.), October 31, 2014, isis (#12193)

OONI

  • Schedule talk with CPP and OONI, July 8-11, 2014, vmon, hellais, aagbsn
  • Run OONI in Iran, August 1, 2014, vmon
  • Figure out scheduling of ooni-probe, August 14, 2014, Leif
  • Design test deck for Iran, August 31, 2014, vmon
  • Automated deployment of ooni-probe to PlanetLab, September 2014, David S.
  • Integrate mlab-NS with OONI-backend, September 1, 2014, aagbsn
  • Deploy HTTP header field manipulation on production m-lab, September 15, 2014, hellais
  • Make bouncer/client aware of collector policies, end of September 30, 2014, hellais
  • Analyze and visualize the bridge reachability data, October 1, 2014, aagbsn
  • Setup of collector infrastructure for bridge reachability testing, October 2014, David S./aagbsn
  • (unreadable) task dispatcher from bouncer to probe, November 1, 2014, hellais
  • Discuss scope of OCCRP-OONI collaboration, December 31, 2014, hellais
  • Add PCAP upload support to probe and backend, February 1, 2015, ?

Sponsor O

  • Tor Messenger (arlolra, sukhe)
    • Merge Instantbird patch, July 7, 2014, arlolra
    • Finish UI for OTR plugin (?), July 15, 2014, arlolra
    • Decide on default Jabber server, July 31, 2014, ioerror
    • Implement socialist millionaire protocol authentication (Tor Messenger), August 15, 2014, arlolra
    • Research automated builds and testing for Tor Messenger, August 31, 2014, boklm
    • Deploy nightly builds and basic testing for Tor Messenger, September 30, 2014, boklm
    • Get signing cert for XPI, October 15, arlolra
    • Engage iSEC partners for security audit, November 1, 2014, ioerror
    • Translate Tor Messenger (Instantbird to Farsi, Tor Launcher to Farsi, French, Spanish, Arabic), November 1, 2014, arlolra/vmon
    • Research sandboxing for Tor Messenger, November 15, 2014, erinn/ioerror
    • Create a Tor Messenger webpage and logo, November 15, 2014, arlolra
    • Write Tor Messenger User Manual, November 15, 2014, arlolra
    • Research reproducible builds for Tor Messenger, December 15, 2014, arlolra
    • Release Tor Messenger beta, announce on tor-talk, present at 31C3, December 26, 2014, arlolra
    • Announce Tor Messenger on the blog / to the press, January 15, 2015, arlolra
  • Stormy (saint)
    • Solicit Stormy input from Tor community, by August 1, 2014, saint
    • Review from peers + technical (Stormy), August 15, 2014, saint
    • Incorporate feedback from reviewers (Stormy), September 1, 2014, saint
    • Document proper usage of Stormy, September 14, 2014, saint
    • Initial Stormy 1.0 release, September 15, 2014, saint
    • Translate Stormy wizard and documentation, September 21, 2014, saint/vmon (Farsi)
    • Get Stormy into Debian/Ubuntu, October 7, saint
    • Release Stormy 1.1, December 22, 2014, saint
    • Maintain Stormy until, August 1, 2015, saint
  • Support and user-facing documentation (Lunar)
    • Identify public user-facing documentation to be written/updated, July 31, 2014, Lunar
    • Write technical writer job description for user-facing documentation, August 15, 2014, Lunar
    • Rewrite download page for TBB, October 1, 2014, erinn
    • Get first version of Tor Browser User Manual out in English, November 30, 2014, Lunar
    • Have webchat support localized, December 1, 2014, Lunar
    • Publish support templates automatically, March 1, 2015, Lunar
  • Outreach and training (kel)
    • Update documentation related to trainings, August 31, 2014, Kelley/phoul
    • Complete training pilots, October 31, 2014, Kelley/phoul
    • Document a strategy with how we are going to get learning materials into the hands of as many people as possible, September 15, 2014, Kelley/phoul
    • Translate learning materials and curriculum materials, December 31, 2014, Kelley/phoul
    • Complete improvement of documentation and training curriculum, December 31, 2014, Kelley/phoul
    • Deploy training materials, April 30, 2015, Kelley/phoul

PT

  • Fix FTE/obfsproxy windows build (#12381), George, July 2014
  • Deploy meek (#10935), TBB/Yawning, July 2014
  • Merge scramblesuit stuff (#11271/#8040), George, July 2014
  • Prepare procedure for hiring PT polishing person, George/Yawning/Mike/Ximin, August 2014
  • Merge TOR_PT_PROXY in little-t-tor (#8402), Yawning/Nick, August 2014
  • Fix & merge wfn's patch (#9957), Yawning, August 2014
  • goptlib should expose a SOCKSv5 listener (#12535), Yawning, August 2014
  • Deploy obfs4 (#12130), Yawning, September 2014
  • Identify bridges via fingerprint not address, Ximin, October 2014
  • IPv6 + PTs, Yawning/George, October 2014
    • #12138 : No IPv6 support when suggesting a bindaddr to a PT
    • #11211: Multiple ServerTransportListenAddr entries should be allowed per transport.
    • #7961: Publish transports that bind on IPv6 addresses
  • Design UDP Transport, Yawning, October 2014
  • Rewrite tor-fw-helper and support libraries in Go, Yawning, October 2014
  • Bridge improvements
  • PT logging correct fix, Yawning, January 2015
  • Flash proxy/WebRTC, Dev needed!!!, February 2015
  • PT SOCKS metadata (Useful for non-PT stuff) AKA Prop. 22, Yawning/Nick April 2015
  • Design split PT interface into transport vs transform RESEARCH, sjm/Yawning, May 2015
  • PT rate limiting (important, long term, v. hard), Yawning/Polishing person, June 2015
  • PT statistics (design, long term, easy. Current ones not too bad), George, June 2015
  • Bridge + PT bundles (long term), Dev needed, August++ 2015
  • Add support for multiple Bridge Auths to little-t tor [BridgeDB people], August++ 2015

BridgeDB

  • Clean up which pluggable transports are currently supported by BridgeDB, July 15, 2014, isis
  • Finish BridgeDB Bridges.py, Dist.py refactoring, August 31, 2014, isis
  • Separate BridgeDB databases/hashrings from bridge distribution, August 31, 2014, isis
  • Automate BridgeDB documentation builds, August 1, 2014, isis
  • Switch BridgeDB to using Redis and/or CouchDB backend (prop#226), August 1, 2014, isis
  • BridgeDB has 100% documentation, August 1, 2014, isis
  • Setup/configure BridgeDB test server, August 15, 2014, isis/sysrqb
  • Nagios/monitoring checks for BridgeDB email distribution and HTTPS distribution, August 1, 2014, David S.
  • Package BridgeDB on PyPI, August 15, 2014, isis
  • BridgeDB - Bridge (unreadable) separation and API for bridge retrieval, September 1, 2014, isis
  • Document BridgeDB-1.0.0 architectural changes, September 1, 2014, isis
  • Configure OONI collector for bridge reachability measurements, October 1, 2014, ?
  • BridgeDB 100% code coverage by unit/integration tests, October 1, 2014, isis
  • Develop mechanisms for BridgeDB usage statistics, November 1, 2014, ?
  • Well-defined threat model for BridgeDB and bridge distributors, November 1, 2014, ?
  • Possibly hire/contract part-time BridgeDB person; blocked on funding stuff, December 1, 2014, ?
  • Run BridgeDB tests on Jenkins, December 1, 2014, ?
  • Packages BridgeDB in Debian, January 1, 2015, ?
  • Create anonymous credential system for BridgeDB Soc.Dist., June 1, 2015, isis
  • Develop client and server-side code for BridgeDB BridgeFinder Soc.Dist., ?? 2015, isis
  • Add support for multiple bridge authorities to little-t-tor, ??? 2015, ?
  • IPC for TorButton/Launcher to client-side BridgeFinder/Soc.Dist. (JSON thingie) or prop#199, ??? 2015--2016, ?
  • TorButton/Launcher integration for BridgeFinder/SocialDistributor, ??? 2015--2016, ?
  • Deploy BridgeFinger/SocialDistributor, ??? 2016, ?

Org

  • Plan continuing Tor Weekly News, July 4, 2014, arma
  • Set up a dedicated yearly outreach budget, July 15, 2014, arma
  • Internally shared fundraising dashboard, July 15, 2014
  • Share details about Circumvention Technology Festival -> winter dev meeting, July 15, 2014, kel
  • Hire/onboard part-time/intern person to assist in populating CRM, July 31, 2014, phobos/kel
  • Fix Tor Wikipedia page, July 31, 2014, Asta?
  • Define and document the outreach team's efforts/work, July 30, 2014
  • Revise warning page (on website), July 31, 2014, Asta?
  • Propose to the board a Tor Europe subsidiary plan, August 1, 2014, Pepijn/Wendy/Melissa
  • Add dev meeting link to Tor website, August 3, 2014
  • Identify existing program managers & gaps (same as account managers), August 1, 2014, arma
  • Decide whether to be primarily tech company or a lobbying/educating/social organization, August 1, 2014
  • Create a mailing list for people speaking about Tor, August 1, 2014, Lunar
  • Do search engine advertising trial, August 30, 2014
  • Collect funder list: who funds competition/colleagues, who we're all talking to, August 31, 2014, puffin
  • Put together official Tor slideshow for crypto parties, September 30, 2014
  • Populate CRM, September 1, 2014
  • Hire community manager, September 30, 2014
  • Create promotional material kit (funders, conferences), August 15, 2014, kel
  • Foundation target proposal written, September 30, 2014
  • Rewrite Tor trademark and proper uses of Tor brand, October 31, 2014
  • A/B testing of donations popup/workflow on download page, October 31, 2014
  • Revamp website homepage (donate, download, learn), October 1, 2014
  • Beta-test Tor certification program, October 30, 2014, phobos
  • Create training material kit, December 31, 2014, kel
  • Hire operations manager (contracts, wire transfer, CFO), December 1, 2014, phobos
  • Create presentation decks for trainers, December 31, 2014, kel
  • Hire a full-time small donor coordinator, December 31, 2014, ?
  • Hire devs from "Global South", January 1, 2015, ioerror
  • Hire two woman devs, January 1, 2015, puffin
  • Integrate CRM with donations page, February 15, 2015, puffin
  • Deploy new blog and calendar, March 30, 2015, weasel?/erinn
  • Develop Tor franchise program plan, June 1, 2015, phobos
  • Start Tor lobbying organisation in Europe, June 1, 2015
  • Hold dev meeting in Asia, June 30, 2015, ?
  • Start AnonyCon in Asia, December 30, 2015
  • Start AnonyCon in South America, December 30, 2015, ioerror?

Sources

Photos made by Griffin Boyce:

Last modified 3 years ago Last modified on Aug 6, 2014, 4:48:20 AM