Hi eveyone,
On 24 February, we held our weekly team meeting. The meeting log is available at http://meetbot.debian.net/tor-meeting2/2020/tor-meeting2.2020-02-24-18.29.lo...
During this meeting we briefly discussed #13410 and how a naming system like Namecoin could provide a database where TLS certificates can be verified as trusted (via a TLSA-like mechanism).
Team progress and discussion notes ================================== Discussion:
pospeselr:
Last week:
- #29120 (Mozilla 1532486) uplifted (hmm) - #13410 work (Disable self-signed certificate warnings when visiting .onion sites)
- figured out a lot of ways to not do this >:[
- CertVerifier.cpp seems like the right place, should hopefully have this working today/tomorrow
This week:
- #13410 - should have a patch ready middle of this week
- Firefox release notes review ASAP
- #33298 - not necessary for S27, but technically needed to be consistent between HTTPS and onions
- delay to whenever
Jeremy Rand: Last week: - Did more hacking on the linux-arm port of Tor Browser. (I have a working mozconfig that builds a working linux-arm binary of Tor Browser's Firefox, in a Debian Buster ppc64le VM. The same mozconfig produces a build error in a Debian Buster rbm container. So the remaining bugs are not related to the mozconfig.) This week: - [discuss] Post the tor-talk thread after Matt finishes reviewing it. (@sysrqb is there any ETA on getting that reviewed?) - Maybe hack some more on the linux-arm port.
mcs and brade: Last week: - Reviewed patch for #32645 (Update URL bar onion indicators). - Posted patches for #19251 (onion services error page). - Worked on self feedback for TPI Feedback Cycle 2020-1. This week/upcoming: - Review pospeselr’s new #32645 patch (Update URL bar onion indicators). - Look at proposed onion service error strings (#33035). - Investigate #31984 (TB 9.x partial update: unable to remove directory: tobedeleted). - Work on self & peer feedback for TPI Feedback Cycle 2020-1.
GeKo:
Last week:
- worked on RLBox (I have backported patches up for review in #32380, will post the final branch after the meeting)
- had fun with #33416 while building the alpha (Android container creation breaks when building Tor Browser 9.5a6)
- a bit more work on the design document
This week:
- moar work on RLBox:
* [discuss] the plan is to have the patch integration sorted out this week and up for review (boklm: sysrqb: i'll be at a meeting in parallel, so I guess we can chat after the tor browser meeting about how to proceed here)
* start the macOS backports (#33410)
- design doc update
boklm: Last week: - Made patches for: - #33380 (Add *.json to sha256sums-unsigned-build.txt) - #33403 (Add nightly mar key) - #33402 (Set app.update.url for nightly) - Updated script for #25102 (Add script to sign nightly build mar files, generate update-responses xml and publish the new version): - signed nightly mar files and update xml are now on https://nightlies.tbb.torproject.org/nightly-updates/ - Helped build new alpha - Looked at blog comments This week: - Check if nightly updates are working - Help with publishing the new alpha - Look at testsuite setup - Some reviews: - RLBox patches - #28704 and child tickets (Compile Tor and dependencies on our own for Android) - #32456 (Add a question in support.tpo about anti-virus reporting a virus in Tor Browser) - Try to help with #32650 (Check translations for bogus characters)
acat: Last week: - Rebase Tor Browser patches onto mozilla-central. This week: - Rebase Tor Browser patches onto mozilla-central. - Investigate #33342 if there's time (Disconnect search addon causes error at startup)
sysrqb: Last week: - Release prep for 9.5a6 - Merged a few tickets - Reviewed some other tickets - Began sketching a process for getting l10n sign-off on new strings - Told Mozilla we might want to use Client Hints for informing websites we support .onion addresses This week: - Finish 9.5a6 release - Working on getting Apple notarization working - Finally respond to Jeremy - Maybe catch up on RLBox - I'll think of some more things when I start doing them
sisbell: Last Week: - Android for Tor - broke apart commits into separate branches, made various fixes based on reviews, did fix for build to work for Debian 19.10 - #32534 - add TBB project for jtorctl, integrated into rest of build This Week: - Respond and fix, based on reviews - Upgrade tor binaries to 0.4.x in tor-android-services - #32476 - work on JNI support for embedded tor for android - Fenix Investigation ==================================
Thanks, Matt