Hi all :)
This is my monthly status report for August 2024 with the main relevant activities I have done, was involved or are related to my work during the period.
# Things I've done
## Notes from the Lisbon meeting
Finally sorted and edited notes from the Lisbon Meeting!
I would like to thank Rasmus Dahlberg for his impressive note taking skills!
Public notes are available here:
* Onion Plan: https://gitlab.torproject.org/tpo/team/-/wikis/Meetings/2024/Lisbon/onion-pl...
* ACME for Onions: https://gitlab.torproject.org/tpo/team/-/wikis/Meetings/2024/Lisbon/update-o...
* Self-authenticated certificates for Onion Services: https://gitlab.torproject.org/tpo/team/-/wikis/Meetings/2024/Lisbon/self-aut...
## Onion Services and Mixed content handling
Did some security evaluation for Tor Browser about upcoming changes on mixed content handling on upstream Firefox: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43013
## Onion Discovery
Updated some documents related to Onion Discovery:
* Onion Association page: https://onionservices.torproject.org/research/proposals/usability/discovery/...
* Specs for DNS-based .onion records: https://onionservices.torproject.org/research/appendixes/dns/
## Onionbalance
Onionbalance documentation was migrated to Onion MkDocs and included in the Ecosystem:
* New URL: https://onionservices.torproject.org/apps/base/onionbalance/
* Related issues: * https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/28 * https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/2
## House keeping
* Created monthly scheduled builds for all major projects at https://gitlab.torproject.org/tpo/onion-services
* Created monthly scheduled builds for documentation generators such as Onion MkDocs, Onion TeX Slim and Onion Reveal: * https://gitlab.torproject.org/tpo/web/onion-mkdocs/ * https://gitlab.torproject.org/tpo/web/onion-reveal/ * https://gitlab.torproject.org/tpo/community/onion-tex-slim
* Invited the Renovate Bot (https://gitlab.torproject.org/tpo/tpa/renovate-cron) to help keeping some more projects.
## Support
* Ongoing sponsored work with deployment, maintenance and monitoring of Onion Services.
# Other news from the Onionspace
* The ACME for Onions (https://acmeforonions.org/) Internet Draft is going through the Last Call on the IETF working group!
Current status available at https://datatracker.ietf.org/doc/draft-ietf-acme-onion/history/
The ACME for Onions (https://e.as207960.net/w4bdyj/ET9hZkhowQILSTGe Internet Draft is going
through the Last Call on the IETF working group!
It'd be great if people could voice their support for the draft on the working group mailing list to help get it over the line. ------------------------------
Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 https://find-and-update.company-information.service.gov.uk/company/12417574, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 https://ico.org.uk/ESDWebPages/Entry/ZA782876. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively.
On Tue, 3 Sept 2024 at 16:21, rhatto rhatto@torproject.org wrote:
Hi all :)
This is my monthly status report for August 2024 with the main relevant activities I have done, was involved or are related to my work during the period.
# Things I've done
## Notes from the Lisbon meeting
Finally sorted and edited notes from the Lisbon Meeting!
I would like to thank Rasmus Dahlberg for his impressive note taking skills!
Public notes are available here:
- Onion Plan:
https://e.as207960.net/w4bdyj/jQjiHY6j9yZuEDYZ
- ACME for Onions:
https://e.as207960.net/w4bdyj/H1i76eODQzxnWkNr
- Self-authenticated certificates for Onion Services:
https://e.as207960.net/w4bdyj/3Mao2OdoWEayLf8d
## Onion Services and Mixed content handling
Did some security evaluation for Tor Browser about upcoming changes on mixed content handling on upstream Firefox: https://e.as207960.net/w4bdyj/aV5RBmdrAH7nrgN2
## Onion Discovery
Updated some documents related to Onion Discovery:
- Onion Association page:
https://e.as207960.net/w4bdyj/BQUo8zb3e6MSRI6i
- Specs for DNS-based .onion records: https://e.as207960.net/w4bdyj/vTP8bEbDM7UwXiSJ
## Onionbalance
Onionbalance documentation was migrated to Onion MkDocs and included in the Ecosystem:
Related issues:
https://e.as207960.net/w4bdyj/xJQRbuhtu11v6hD9
## House keeping
Created monthly scheduled builds for all major projects at https://e.as207960.net/w4bdyj/ZXVdvRsktfeefkF0
Created monthly scheduled builds for documentation generators such as
Onion MkDocs, Onion TeX Slim and Onion Reveal:
Invited the Renovate Bot (https://e.as207960.net/w4bdyj/f2dps1SVnOQQcV4Y to help keeping
some more projects.
## Support
- Ongoing sponsored work with deployment, maintenance and monitoring of
Onion Services.
# Other news from the Onionspace
The ACME for Onions (https://e.as207960.net/w4bdyj/WB5Sltbh5jCYKp8C Internet Draft is going through the Last Call on the IETF working group!
Current status available at https://e.as207960.net/w4bdyj/wh8rNaODcR8ekiiu
-- Silvio Rhatto pronouns he/him _______________________________________________ tor-project mailing list tor-project@lists.torproject.org https://e.as207960.net/w4bdyj/cour8KYgsGhR8BeZ
Hi Q - can you give me a pointer to where the working group mailing list is, and I'll happily voice support for it.
micah
On 2024-09-03 16:45:59, Q Misell via tor-project wrote:
The ACME for Onions (https://e.as207960.net/w4bdyj/ET9hZkhowQILSTGe Internet Draft is going
through the Last Call on the IETF working group!
It'd be great if people could voice their support for the draft on the working group mailing list to help get it over the line.
Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 https://find-and-update.company-information.service.gov.uk/company/12417574, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 https://ico.org.uk/ESDWebPages/Entry/ZA782876. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively.
On Tue, 3 Sept 2024 at 16:21, rhatto rhatto@torproject.org wrote:
Hi all :)
This is my monthly status report for August 2024 with the main relevant activities I have done, was involved or are related to my work during the period.
# Things I've done
## Notes from the Lisbon meeting
Finally sorted and edited notes from the Lisbon Meeting!
I would like to thank Rasmus Dahlberg for his impressive note taking skills!
Public notes are available here:
- Onion Plan:
https://e.as207960.net/w4bdyj/jQjiHY6j9yZuEDYZ
- ACME for Onions:
https://e.as207960.net/w4bdyj/H1i76eODQzxnWkNr
- Self-authenticated certificates for Onion Services:
https://e.as207960.net/w4bdyj/3Mao2OdoWEayLf8d
## Onion Services and Mixed content handling
Did some security evaluation for Tor Browser about upcoming changes on mixed content handling on upstream Firefox: https://e.as207960.net/w4bdyj/aV5RBmdrAH7nrgN2
## Onion Discovery
Updated some documents related to Onion Discovery:
- Onion Association page:
https://e.as207960.net/w4bdyj/BQUo8zb3e6MSRI6i
- Specs for DNS-based .onion records: https://e.as207960.net/w4bdyj/vTP8bEbDM7UwXiSJ
## Onionbalance
Onionbalance documentation was migrated to Onion MkDocs and included in the Ecosystem:
Related issues:
https://e.as207960.net/w4bdyj/xJQRbuhtu11v6hD9
## House keeping
Created monthly scheduled builds for all major projects at https://e.as207960.net/w4bdyj/ZXVdvRsktfeefkF0
Created monthly scheduled builds for documentation generators such as
Onion MkDocs, Onion TeX Slim and Onion Reveal:
Invited the Renovate Bot (https://e.as207960.net/w4bdyj/f2dps1SVnOQQcV4Y to help keeping
some more projects.
## Support
- Ongoing sponsored work with deployment, maintenance and monitoring of
Onion Services.
# Other news from the Onionspace
The ACME for Onions (https://e.as207960.net/w4bdyj/WB5Sltbh5jCYKp8C Internet Draft is going through the Last Call on the IETF working group!
Current status available at https://e.as207960.net/w4bdyj/wh8rNaODcR8ekiiu
-- Silvio Rhatto pronouns he/him _______________________________________________ tor-project mailing list tor-project@lists.torproject.org https://e.as207960.net/w4bdyj/cour8KYgsGhR8BeZ
tor-project mailing list tor-project@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
Ah yes, that would've been useful to include. The ML is at https://mailman3.ietf.org/mailman3/lists/acme@ietf.org/ ------------------------------
Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 https://find-and-update.company-information.service.gov.uk/company/12417574, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 https://ico.org.uk/ESDWebPages/Entry/ZA782876. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively.
On Fri, 6 Sept 2024 at 02:08, Micah Anderson micah@torproject.org wrote:
Hi Q - can you give me a pointer to where the working group mailing list is, and I'll happily voice support for it.
micah
On 2024-09-03 16:45:59, Q Misell via tor-project wrote:
The ACME for Onions (https://e.as207960.net/w4bdyj/ZVNEfJ676JSSAurB
Internet Draft is going
through the Last Call on the IETF working group!
It'd be great if people could voice their support for the draft on the working group mailing list to help get it over the line.
Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 <
https://e.as207960.net/w4bdyj/IgPg6TqGvJZAOOK4
, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 https://ico.org.uk/ESDWebPages/Entry/ZA782876. UK VAT №: GB378323867.
EU
VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian
VAT
№: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively.
On Tue, 3 Sept 2024 at 16:21, rhatto rhatto@torproject.org wrote:
Hi all :)
This is my monthly status report for August 2024 with the main relevant activities I have done, was involved or are related to my work during
the
period.
# Things I've done
## Notes from the Lisbon meeting
Finally sorted and edited notes from the Lisbon Meeting!
I would like to thank Rasmus Dahlberg for his impressive note taking skills!
Public notes are available here:
- Onion Plan:
https://e.as207960.net/w4bdyj/1KlS5NUE5ek8FP6u
- ACME for Onions:
https://e.as207960.net/w4bdyj/DuKJSU2vpGP84O6j
- Self-authenticated certificates for Onion Services:
https://e.as207960.net/w4bdyj/G71yUFxw62SfQIwk
## Onion Services and Mixed content handling
Did some security evaluation for Tor Browser about upcoming changes on mixed content handling on upstream Firefox: https://e.as207960.net/w4bdyj/Jg69gTTxJF1WPVhy
## Onion Discovery
Updated some documents related to Onion Discovery:
- Onion Association page:
https://e.as207960.net/w4bdyj/EcspAhyvHYNTPAwu
- Specs for DNS-based .onion records: https://e.as207960.net/w4bdyj/VHywD2cO7Onkijrq
## Onionbalance
Onionbalance documentation was migrated to Onion MkDocs and included in
the
Ecosystem:
Related issues:
https://e.as207960.net/w4bdyj/Ms4ndfBtoHaqecBH
## House keeping
Created monthly scheduled builds for all major projects at https://e.as207960.net/w4bdyj/bvLRCaaed50REgZJ
Created monthly scheduled builds for documentation generators such as
Onion MkDocs, Onion TeX Slim and Onion Reveal:
Invited the Renovate Bot (https://e.as207960.net/w4bdyj/1TU3kJJ9lV2yxvIW to help keeping
some more projects.
## Support
- Ongoing sponsored work with deployment, maintenance and monitoring of
Onion Services.
# Other news from the Onionspace
- The ACME for Onions (https://e.as207960.net/w4bdyj/MyrJ42CDtQPZIUDW
Internet Draft is going
through the Last Call on the IETF working group!
Current status available at https://e.as207960.net/w4bdyj/ayOW0NkCJOIrBIzq
-- Silvio Rhatto pronouns he/him _______________________________________________ tor-project mailing list tor-project@lists.torproject.org https://e.as207960.net/w4bdyj/g8I2yEOtu90AFm9L
tor-project mailing list tor-project@lists.torproject.org https://e.as207960.net/w4bdyj/cUNvR1bSXBqu3imJ
tor-project mailing list tor-project@lists.torproject.org https://e.as207960.net/w4bdyj/x0jVGhNwQDMX61FM
Hi Q,
On 2024-09-06 at 03:06, Q Misell via tor-project wrote:
Ah yes, that would've been useful to include. The ML is at https://mailman3.ietf.org/mailman3/lists/acme@ietf.org/
On Fri, 6 Sept 2024 at 02:08, Micah Anderson micah@torproject.org wrote:
Hi Q - can you give me a pointer to where the working group mailing list is, and I'll happily voice support for it.
micah
On 2024-09-03 16:45:59, Q Misell via tor-project wrote:
The ACME for Onions (https://e.as207960.net/w4bdyj/ET9hZkhowQILSTGe Internet Draft is going through the Last Call on the IETF working group!
It'd be great if people could voice their support for the draft on the working group mailing list to help get it over the line.
I will be glad to post something if it would be useful. Though I've looked at drafts of the RFC before, I hadn't been on the ACME mailing list. I've now joined and looked over recent discussion.
The message from Tomofumi Okubo on Aug 16 says that they wanted any concerns voiced by Aug 28 and otherwise would assume no problems and put it forward. Would it actually be helpful for someone who just joined the list to say that they are in support of the draft being adopted? Or would that actually look odd and be potentially counterproductive? E.g. potentially cause people to take another look when they were ready to move it along.
It seems like all the posts since Aug 16 were from insiders or authoritative folk posting nits mostly about proper use of "should", "must", "required", etc.
I could simply say that I have read the latest draft, including responses to the nits raised since Aug 16 and am in favor of adoption. (And is "adoption" the right word or does that have a technical meaning in this context?) Would it be better to express such generic support or would giving more specific reasons for my support be more helpful?
If something specific about why I support the RFC would be helpful I could say how I hope this will be adopted soon. There are many positives, but I am most interested in securing association between onion addresses and registered domains. There are already thousands of domains using the current Onion-Location means of association, which has some security limitations. Facilitating easier obtaining of TLS certificates for onion addresses would be a helpful for making significant improvements to the usability and security of onion association. So I hope adoption of the standard moves that along.
Let me know if any of those options would be helpful (or if not let me know that too), or give me suggestions if something different would be more helpful.
SVV, Paul
The message from Tomofumi Okubo on Aug 16 says that they wanted any
concerns voiced by Aug 28 and otherwise would assume no problems and put it forward.
Ah, somehow I missed that the deadline had already passed. That said if anyone has any major concerns with the draft please do voice them still. Its better to address them now than try to fix them later.
Would it be better to express such generic support or would giving more
specific reasons for my support be more helpful?
Generic support is useful at this stage. The draft is - as far as the IETF is concerned - mostly done, and just saying this is ready is useful. ------------------------------
Any statements contained in this email are personal to the author and are not necessarily the statements of the company unless specifically stated. AS207960 Cyfyngedig, having a registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca Digital, is a company registered in Wales under № 12417574 https://find-and-update.company-information.service.gov.uk/company/12417574, LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 https://ico.org.uk/ESDWebPages/Entry/ZA782876. UK VAT №: GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 46001, trading as Glauca Digital, is a company registered in Estonia under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the Glauca logo are registered trademarks in the UK, under № UK00003718474 and № UK00003718468, respectively.
On Fri, 6 Sept 2024 at 19:47, Syverson, Paul F CIV USN NRL WASHINGTON DC (USA) paul.f.syverson.civ@us.navy.mil wrote:
Hi Q,
On 2024-09-06 at 03:06, Q Misell via tor-project wrote:
Ah yes, that would've been useful to include.
The ML is at https://mailman3.ietf.org/mailman3/lists/acme@ietf.org/
On Fri, 6 Sept 2024 at 02:08, Micah Anderson micah@torproject.org
wrote:
Hi Q - can you give me a pointer to where the working group mailing list
is, and I'll happily voice support for it.
micah
On 2024-09-03 16:45:59, Q Misell via tor-project wrote:
The ACME for Onions
(https://e.as207960.net/w4bdyj/tqLp5tDctXOZLXbP Internet Draft is
going through the Last Call on the IETF working group!
It'd be great if people could voice their support for the draft on
the working group mailing list to help get it over the line.
I will be glad to post something if it would be useful. Though I've
looked at drafts of the RFC before, I hadn't been on the ACME mailing
list. I've now joined and looked over recent discussion.
The message from Tomofumi Okubo on Aug 16 says that they wanted any
concerns voiced by Aug 28 and otherwise would assume no problems and
put it forward. Would it actually be helpful for someone who just
joined the list to say that they are in support of the draft being
adopted? Or would that actually look odd and be potentially
counterproductive? E.g. potentially cause people to take another
look when they were ready to move it along.
It seems like all the posts since Aug 16 were from insiders or
authoritative folk posting nits mostly about proper use of "should",
"must", "required", etc.
I could simply say that I have read the latest draft, including
responses to the nits raised since Aug 16 and am in favor of adoption.
(And is "adoption" the right word or does that have a technical
meaning in this context?) Would it be better to express such generic
support or would giving more specific reasons for my support be more
helpful?
If something specific about why I support the RFC would be helpful I
could say how I hope this will be adopted soon. There are many
positives, but I am most interested in securing association between
onion addresses and registered domains. There are already thousands of
domains using the current Onion-Location means of association, which
has some security limitations. Facilitating easier obtaining of TLS
certificates for onion addresses would be a helpful for making
significant improvements to the usability and security of onion
association. So I hope adoption of the standard moves that along.
Let me know if any of those options would be helpful (or if not let me
know that too), or give me suggestions if something different would be
more helpful.
SVV,
Paul
tor-project@lists.torproject.org
-
Micah Anderson -
Q Misell -
rhatto -
Syverson, Paul F CIV USN NRL WASHINGTON DC (USA)