Tor is not solving the censorship field by ourselves. We need a set of people all over the world working together to do this. Modularity is critical to Tor's strategy because you want users to simply replace "the broken bit" of a piece of blocked software, not have to switch out the software entirely.

If we can create a space that could draw in other expertise's and work it would be beneficial to our work and our aims. Currently Tor has a pluggable transport API. Others don't know how to use it. The API is thought as only for Tor. But, it is a community API and can be used outside of Tor.


People don't think that Tor talks to anyone, because Tor does not talk to them. And talking to the community is what Pluggable is all about. What we need now is an Evangelist to contact [insert group developing PT-like tool here] and tell them about how awesome modularity is and that they can find it in the PT API.

  • Also, Yawning does not want to do outreach.
  • TODO: we need a public posting
    • evaluation of current candidates in the ways that we have been lately
  • the evangilist needs to be a highly technical person who can ansewer questions etc, and won't just push the work onto the PT dev team.
  • evangilist needs to be communications savvy
    • without comms expertise it was very hard to hire people
    • in the interview we need to check for communications savvy-ness

PT Criteria

Things we need:

  • TODO: One set of criteria for what a good pluggable transport should be.
  • TODO: One set of criteria for getting a PT into the tor browers

Existing Documents:

Before submitting a PT for inclusion into TBB a developer…

  • MUST be able to be built the PT deterministicly
  • MUST have had the PT in alpha for [X] period of time
  • MAY build a patch for TBB and provide the patched TBB for review along with the PT for testing

For inclusion into TBB a PT…

  • MUST offer a different feature than existing PT's.
  • MUST have code that is well documented and maintainable by a party working without the support of the original developers
  • MUST be audited by one of the existing core Tor PT develoers
    • therefore it MUST be very compelling, or provide funding, so that auditors will audit your code.
      • The time it takes to audit code is considerable.
        • e.g. stegosaurus
        • We need to not ignore the costs on our side for doing the evaluations.
  • MUST have an identified process and channels for handling support for users experiencing blocking or other errors that are PT related
  • SHOULD have a well thought out deployment plan (e.g. plan for recruiting people who will run the specified PT on Tor Bridges)
  • MUST be written in a reasonable language - e.g. MUMPS :) -

The Process for getting a PT included into TBB is to…

  • A0) DON'T email individual developers
  • A1) Send an email to tor-dev or create a trac-ticket announcing your intent to create a PT
  • A2) A person should communicate to IRC during meeting times to announce their intent.
    • TODO someone tell Nick that he inherited PT additions in the Tor Dev Meeting.
  • B) TODO: Now what? PT-vangelist or interested Dev responds and says "read and respond to roadmap" and then provide [X] things in [Y] format to location [Z].
  • C) TODO: Review happens here?
  • D) TODO: It is included into TBB here?
  • E) TODO: It is rolled out here?

The things that we need to do to ensure that outside developers have the greatest chance of success are…

  • Create a website/page that tells you the steps for getting a PT
  • Create a way for devs to find the website (See: PT-vangelist)
  • TODO Add bootstrapping information to website and wiki
    • In the short term "If you are interested f**k off... but, try the wiki."
    • In the long term "Communicate that there is a team and steer people towards the mailing list because it is perminant and asyncronous."

The process for removing a PT from TBB is

  • We need a process & criteria for evaluating when a PT will get removed from Tor.
    • Drop a PT when it is broken? But it is rarely broken in all countries just because broken in one.
    • Drop when it takes up space? Two notions of space: package size, and UI/UX bloat.

Related Notes from the meeting:

  • TODO: Someone needs to update the PT page on the website.
  • Yawning is removing flashproxy
    • Arlo or Seree are currently adding XMPP support
    • David Fitfield is ok getting rid of it.
    • Flashproxy should be killed
      • Should we ping Griffin re: cupcake
  • Uproxy is flashproxy with a browser interface
  • To what degree do we consider PT's a solved problem?

In person meetings are coming up

  • 1) There will be a meeting getting developers of PT's together to figure out what is missing, what is fucked up, etc. And fix it.
  • 2) There will be a second meeting that will get external people together and get feedback about what others want and expand/adapt to accomidate some of these other tools.
  • When the Tor spec was initally pushed psiphon and other groups provided absurd feedback
    • "We want a server embedded in the libraries."
    • Yawning plans to write the spec that he thinks is best either way.
  • Obs4 works pretty well for the 500 people who know about it.
    • TODO: Change the default pluggable transport to Obs4 to increase usage.
    • David Fitfield is adding a default bridge.
    • TODO: Each time we release a new browser bundle we should spin up a new bridge for it.
Last modified 4 years ago Last modified on Oct 3, 2015, 2:27:32 PM