Thanks for taking notes!

I'll be reviewing the threat model from an M-Lab perspective and adding git issues, as is custom. I plan to make time for this before the end of this week. If anyone has any specific questions I can answer before then, don't hesitate. 

Cheers!
M




On Mon, Jul 8, 2013 at 1:12 PM, Nathan Wilcox <nathan@leastauthority.com> wrote:
Arturo:

We're working on specification tasks.

We completed backend spec; including specifying collector policy for
both inputs and net-tests.

Stephen reviewed the spec:
https://github.com/TheTorProject/ooni-spec/blob/master/oonib.md

Two points of discussion:

S 2.5 how we publish reports - Ooni suggested scp, but MLab may be
different.  We should leave that out of the backend spec, because it
depends on the backend infrastructure.

How will the test_helper learn effective probe IP address?  Stephen
and Arturo realize they misunderstood the issue, and this should
already be handled by ooni (see:
https://github.com/TheTorProject/ooni-probe/issues/90).  Daira
discussed alternatives with Arturo.

Why is the collector exposed by https and tor hidden service is
answered in the spec.

Added a feature which exposes inputs / decks from the backend.

Added a "bouncer" in the spec which aids in discovery for test helpers
and collectors.  This is similar to mlab-ns.  Some aspects might be
implemented by mlab-ns.  There's a need for ooni to provide
requirements for mlab-ns.  Stephen will review that spec and send
questions about "bouncer" to understand how similar it is to mlab-ns.

We improved some charts: backend dataflow diagram.  Stephen will do
something similar for MLab.
See: https://github.com/TheTorProject/ooni-spec/blob/master/diagrams/ooni-backend-diagram.pdf


Nathan asks: Should the ooni-spec and ooni-probe wiki be merged?
Arturo suggests we (Arturo & Aaron) should consolidate ooni-spec,
should migrate to the wiki.


Nathan gives a Threat Model presentation.  That's me! -so I didn't
take notes on that section.  It was an overview of this wiki:
https://github.com/TheTorProject/ooni-probe/wiki/Threat-Model


As is apparently now our custom: "Toodles!"

--
Nathan Wilcox
Least Authoritarian

GPG id: CBA48BDD
GPG fingerprint: 9309 EB72 87D4 192F 0D7E  0F16 1191 AF31 CBA4 8BDD
_______________________________________________
ooni-dev mailing list
ooni-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/ooni-dev



--

Meredith Whittaker
Program Manager, Google Research
Google NYC