Changes between Initial Version and Version 1 of org/meetings/2017Amsterdam/Notes/MemorySafeLanguagesandTor


Ignore:
Timestamp:
Apr 1, 2017, 8:41:44 PM (2 years ago)
Author:
alison
Comment:

added session notes

Legend:

Unmodified
Added
Removed
Modified
  • org/meetings/2017Amsterdam/Notes/MemorySafeLanguagesandTor

    v1 v1  
     1Memory Safe Languages and Tor
     2
     3We started this session with one agreement: that we wouldn't spend our time bikeshedding Golang versus Rust. Instead, we focused on two questions: 1) What are our goals for migrating the Tor codebase to a memory safe language, and 2) How can we accomplish these goals?
     4
     5Our notes are split along those two categories.
     6
     7Goals:
     8    - Do no harm (the code that we deploy should not be a liability to the user)
     9    - Have confidence in what is deployed
     10    - Reduce size/memory requirements
     11    - Developer friendliness
     12    - Productivity
     13    - Cross compatibility
     14    - Not adding too much overhead
     15    - 3rd party implementations
     16    - Re-use existing test vectors
     17    - Reproducibility
     18
     19How:
     20    - Modularity
     21    - Utalizing the test network
     22    - Improving specifications/making editing easier
     23    - Identify incremental steps
     24    - Focus on improving places with attack surfaces
     25    - Reduce inter-module dependencies
     26    - No cgo!
     27    - Split tor and identify communication between
     28    - Don't have parallel implementations
     29    - tor main function implementation (replace libevent)
     30    - Rust capability will be useful for team knowledge while working on Firefox
     31    - Pick one component to experiment with
     32    - Prove how Rust can be integrated into the tor build system
     33    - Further research Rust maturity/portability, overall, whether Rust is a suitible replacement
     34    - Supprot for integration testing
     35   
     36Questions:
     37    - Clean slate versus incremental component migration
     38   
     39Ideas of where to start:
     40    - Directory authority modules
     41   
     42We also discussed third party implementations in languages such as erlang, but decided to focus our discussion on migrating the existing tor codebase. However we identified the need to dramatically improve torspec, in order to enable third parties to implement existing Tor protocols. This will be helpful to test interoperability amongst other benefits.
     43
     44At the end, Rust was the language most talked about (favorably). We identified the goal of taking next steps to experiement with some of the potential solutions we identified, and report back on what we learned.