The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2024-03-26T20:31:08Zhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42305(Semi-)Automatically merge translation resources across tor browser releases ...2024-03-26T20:31:08Zhenry(Semi-)Automatically merge translation resources across tor browser releases (desktop)/cc @emmapeel @pierov
When I had my time offline the week before last I wrote a script to which takes a `tor-browser` or `firefox-android` translation file (`.dtd`, `.properties`, `.ftl`, or android `.xml`), and a new and an old branch.../cc @emmapeel @pierov
When I had my time offline the week before last I wrote a script to which takes a `tor-browser` or `firefox-android` translation file (`.dtd`, `.properties`, `.ftl`, or android `.xml`), and a new and an old branch name, and merges the versions found in both branches together with a comment added for strings that will be dropped at the next release. Here is the initial draft of the script if you want a quick look: [combine-translation-versions.py](/uploads/83cf1424566cf3b3222e6a60682bcc56/combine-translation-versions.py)
We could use the output as the `en-US` source files for weblate, combining both the strings needed for the next release as well as for the current stable release. The idea being that in tor-browser we can stop trying to maintain all the old strings in the current development branch that are still needed for the current stable release. And we can avoid having to manual clean ups of old strings, like in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42221.
E.g., if we have `tor-browser.ftl` in tor-browser-xxx-13.5 with the content
```
string1 = String 1
new-string = New String
string2 = String 2
```
and in tor-browser-xxx-13.0 with the content
```
old-string = Old String
string1 = String 1
string2 = String 2
```
the script would output
```
string1 = String 1
new-string = New String
string2 = String 2
## Will be unused in Tor Browser 13.5!
old-string = Old String
```
The reason I add the comment is to provide a little notification to weblate translators in the "Source string description" to let them know that a string has a short lifetime. Weblate doesn't support descriptions for `.dtd` though so it won't work for that format.
@emmapeel and @pierov what do you think? And where would we want to run this script?
I guess we basically want to merge the translations files from both the branch used for current nightly and current stable. I'm not sure if this can be automatically pulled from `tor-browser-build` in a convenient way, or whether we would need some manual input.henryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42437Drop "torbrowser.version" preference2024-03-26T20:27:58ZhenryDrop "torbrowser.version" preference"torbrowser.version" is defined based on `__BASE_BROWSER_VERSION_QUOTED__`, but is only used in one place: https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/8614325290175a7253f11501d823db65ab805257/browser/components/abou..."torbrowser.version" is defined based on `__BASE_BROWSER_VERSION_QUOTED__`, but is only used in one place: https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/8614325290175a7253f11501d823db65ab805257/browser/components/abouttor/AboutTorMessage.sys.mjs#L30.
But we could just use the existing "browser.startup.homepage_override.torbrowser.version" instead.henryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41082Package tor expert bundle on android as .aar that firefox-android can use in ...2024-03-26T20:15:29ZDan BallardPackage tor expert bundle on android as .aar that firefox-android can use in lieu of tor-android-service with geckoview bootstrapDan BallardDan Ballardhttps://gitlab.torproject.org/tpo/ux/research/-/issues/70Supplement quantitative VPN research with qualitative interviews2024-03-26T20:14:32ZdonutsSupplement quantitative VPN research with qualitative interviewsWe've already received an overwhelming response for the VPN Discovery Survey, and are expecting a similar level of engagement for any future surveys advertised on Tor Browser. However, it would be great to supplement this quantitative re...We've already received an overwhelming response for the VPN Discovery Survey, and are expecting a similar level of engagement for any future surveys advertised on Tor Browser. However, it would be great to supplement this quantitative research with qualitative interviews to help us reach underrepresented demographics from the global south.
In addition to asking select questions from the VPN Discover Survey, we should also seek to understand their use-cases for using VPN-style products and what features they would consider essential for the MVP.
To achieve this, we'll need to:
### Recruit participants
- [x] Create a screening survey (en/pt/es)
- [x] Analyze survey
- [x] Recruit willing participants
### Conduct the interviews
- [x] Draft an interview script
- [x] Gather feedback and review interview script
- [x] Schedule and confirm interviews in english, portuguese and spanish
- [x] Conduct the interviews within Q2 and Q3
### Report the results
- [x] Transcribe and translate (when needed) the interviews
- [x] Analyze interviews & Write a public report
- [x] Incorporate our findings into the user stories/product requirements where applicable
This ticket relates to the following objectives:
* O1.1: Conduct interviews and surveys with target users to create user stories representing the needs of various types of users with respect to VPN usage, browser safety, and censorship. Collaborate with Guardian Project to utilize and integrate their existing and ongoing user research on Orbot.Sponsor 101 - Tor VPN Client for Androiddonutsdonutshttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/41097authenticode-timestamping.sh fails to run again because tmp-timestamp already...2024-03-26T20:08:31Zboklmauthenticode-timestamping.sh fails to run again because tmp-timestamp already existsIf running `authenticode-timestamping.sh` fails for some reason, running
it again will fail because directory `tmp-timestamp` already exists.
We should use a directory created with `mktemp` to avoid this.If running `authenticode-timestamping.sh` fails for some reason, running
it again will fail because directory `tmp-timestamp` already exists.
We should use a directory created with `mktemp` to avoid this.boklmboklmhttps://gitlab.torproject.org/tpo/web/donate/-/issues/18120 Stripe / PayPal transactions missing from CiviCRM, 30 January - 5 Februar...2024-03-26T19:26:25Zmattlav120 Stripe / PayPal transactions missing from CiviCRM, 30 January - 5 February 2024Between 30 January and 5 February, I was able to identify (by comparing transaction records) 120 transactions totaling $2,085 that remained un-recorded in CiviCRM. The money came to Tor, but the records of the transactions did not.
In t...Between 30 January and 5 February, I was able to identify (by comparing transaction records) 120 transactions totaling $2,085 that remained un-recorded in CiviCRM. The money came to Tor, but the records of the transactions did not.
In time I was able to find all the transactions and import dummy versions of them to CiviCRM, so our books will balance. But we still should figure out what happened, and whether we should take steps to prevent it.
I kept pretty detailed records of how I proceeded, along with all the data dumped from Stripe and PayPal, in a [NextCloud folder](https://nc.torproject.net/index.php/f/535242) - but I don't imagine this will be very easy to interpret if you're not me. So the way forward is probably for me to do a little show and tell with TPA, in order to enable you to figure out what went haywire for the week in question.anarcatanarcathttps://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/173Deprecate captcha moat2024-03-26T19:01:23Zmeskiomeskio@torproject.orgDeprecate captcha moatCAPTCHAs have being problematic for many users and easy for censors to block. As part of the BridgeDB deprecation might be time to deprecate captcha moat.
This brings some questions:
* Is the current Circumvention Settings API enough to...CAPTCHAs have being problematic for many users and easy for censors to block. As part of the BridgeDB deprecation might be time to deprecate captcha moat.
This brings some questions:
* Is the current Circumvention Settings API enough to replace the existing use of captcha moat?
* Are we ok using the *settings* bridge pool in places where we've being using the *moat* pool? So deprecate that pool.meskiomeskio@torproject.orgmeskiomeskio@torproject.orghttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41564Install make and newer golang in rdsys-test-012024-03-26T18:18:36Zmeskiomeskio@torproject.orgInstall make and newer golang in rdsys-test-01I need make and golang>=1.21 (is available in bookworm-backports) to build some binaries for testing on the server Can you install it?
Thank you.I need make and golang>=1.21 (is available in bookworm-backports) to build some binaries for testing on the server Can you install it?
Thank you.Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/ux/research/-/issues/130Create demographics questionnaire2024-03-26T17:51:21ZdonutsCreate demographics questionnaireFacilitators are asked to distribute a demographics questionnaire to participants. Each question is optional and may be skipped, which should be made clear to the participant. In addition, it would be good to include some text at the top...Facilitators are asked to distribute a demographics questionnaire to participants. Each question is optional and may be skipped, which should be made clear to the participant. In addition, it would be good to include some text at the top of the questionnaire to explain why we collect demographics, e.g.
- To ensure we are reaching users from diverse backgrounds, and that marginalized groups are represented.
- Some funders require us to report back basic information (e.g. the gender breakdown of our studies) for Diversity, Equity and Inclusion.
- To identify basic trends in our studies.
And how we safeguard their information, e.g.
- Questions are general and do not ask the participant to disclose personal information.
- Demographic data is aggregated per study in our reporting.
- The raw demographic data is deleted as per our data handling policy.
**Estimate**: Medium × Moderate = 3–4.5 d
### Tasks
- [x] Draft content
- [x] Research description
- [x] Consent
- [x] Demographics
- [x] Prototype PDF form
- [x] Prototype LimeSurvey
- [x] Decide whether to include consent questions (@donuts)
- [x] Decide between PDF and LimeSurvey (@donuts)
- [x] Integrate better with https://gitlab.torproject.org/tpo/ux/research/-/blob/master/scripts%20and%20activities/2021/consent_form.md
- [x] Theme
- [x] Decide on the base theme → fruity twentythree
- [x] Create Git repo (otherwise I'll get lost...): https://gitlab.com/sajolida/fruity-twentythree-tor
- [x] Use [Space Grotesk](https://fonts.google.com/specimen/Space+Grotesk) for headings
- [x] Use [Inter](https://fonts.google.com/specimen/Inter) for text body
- [x] Add [Tor branding](https://styleguide.torproject.org/brand-assets/)
- [x] Improve for printing
- [x] Always display data handling policy
- [x] Hide buttons
- [x] Avoid page breaks inside a question block
- [x] Deploy theme on survey.torproject.org (tpo/tpa/team#41486)
- [x] Assign to the "UX surveys" group (tpo/tpa/team#41490)
- [x] Finish discussing the risk assessment questions
- [x] Threats question
- [x] Profiles question
- [x] Document them as optional in the survey template
### Draft questionnaire
See here: https://pad.riseup.net/p/tor-user-surveys-keep
### Final survey template
[consent_and_demographics_questionnaire.lss](/uploads/db87902c459293981dcbc813a5412cc9/consent_and_demographics_questionnaire.lss)Sponsor 9 - Phase 7 - Usability and Community Intervention on Support for Democracy and Human Rightssajolidasajolidahttps://gitlab.torproject.org/tpo/ux/research/-/issues/128Prepare testing plans and supporting materials for S9 partners2024-03-26T17:51:21ZdonutsPrepare testing plans and supporting materials for S9 partnersThe Community team are launching a call for proposals (see https://gitlab.torproject.org/tpo/community/training/-/issues/102) for select partners in East Africa and MENA to apply for funding to conduct Tor training workshops, user resear...The Community team are launching a call for proposals (see https://gitlab.torproject.org/tpo/community/training/-/issues/102) for select partners in East Africa and MENA to apply for funding to conduct Tor training workshops, user research for Tor, or both. Upon acceptance, our partners will be onboarded in February 2024 and run their activities in March and April 2024.
In advance of their onboarding, we need to prepare the following materials for successful applicants:
- Two detailed testing plans
- A demographics questionnaire
- Worksheets and/or reporting templates
Our partners may conduct their activities in person, remotely or via a hybrid approach, and connectivity may be limited or unreliable. As such, the materials created to support the studies must be usable online, offline or when printed too. If possible, instead of creating separate materials for screen and print, an interactive PDF for each material may work well.
We should also give each of the materials a little design TLC to help readers scan their content, using light graphic devices and sensible layouts to break up streams of text. For typography, display headings should be set in [Space Grotesk](https://fonts.google.com/specimen/Space+Grotesk), whereas small headings and body text should be set in [Inter](https://fonts.google.com/specimen/Inter).
**Estimate**: 72–109 h, including #8 and #90Sponsor 9 - Phase 7 - Usability and Community Intervention on Support for Democracy and Human Rightssajolidasajolidahttps://gitlab.torproject.org/tpo/core/arti/-/issues/1124Implement max_concurrent_streams_per_circuit2024-03-26T17:32:35ZNick MathewsonImplement max_concurrent_streams_per_circuitRight now this option exists, but it doesn't do anything.Right now this option exists, but it doesn't do anything.Arti: Onion Service SecurityNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird/-/issues/40014Intergrating WebTunnel into Lyrebird to reduce Distributed Binary Size2024-03-26T14:17:29ZshelikhooIntergrating WebTunnel into Lyrebird to reduce Distributed Binary SizeWe are considering integrating WebTunnel into WebTunnel in order to reduce the binary size of distributed binary.
This is a request from application team: the apk size is increasing and approaching the limit of Play Store. It might be b...We are considering integrating WebTunnel into WebTunnel in order to reduce the binary size of distributed binary.
This is a request from application team: the apk size is increasing and approaching the limit of Play Store. It might be beneficial for us to move webtunnel's entry point to Lyrebird to avoid shipping one more copy of the Go Runtime library.shelikhooshelikhoohttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42209Fluent migration: tor circuit2024-03-26T13:41:53ZhenryFluent migration: tor circuitMigrate tor circuit strings found in "torbutton.dtd" and "torbutton.properties" to Fluent.Migrate tor circuit strings found in "torbutton.dtd" and "torbutton.properties" to Fluent.henryhenryhttps://gitlab.torproject.org/tpo/tpa/status-site/-/issues/43Resolve Tor Weather outage entry2024-03-26T11:45:11ZGeorg KoppenResolve Tor Weather outage entryWe believe the transition to Tor Weather 2.0 is done and the system is working as expected. Let's resolve the outage entry on the status page.We believe the transition to Tor Weather 2.0 is done and the system is working as expected. Let's resolve the outage entry on the status page.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/59@gettor_bot on Telegram does not work2024-03-26T10:20:35Znina@gettor_bot on Telegram does not workit shows "loading" but nothing happensit shows "loading" but nothing happensmeskiomeskio@torproject.orgmeskiomeskio@torproject.org2024-02-22https://gitlab.torproject.org/tpo/network-health/team/-/issues/352New round of contacting operators for DNS issues and badexiting problematic r...2024-03-26T07:30:50ZGeorg KoppenNew round of contacting operators for DNS issues and badexiting problematic relays (2024-03-18)We got the following report this week:
```
Relay 27636C308FF0E31C1A41915A76FCD2CC8F930F64 failed DNS check 5/5 times
Relay 322E49A24F7DF9B15DD73205FCB84C8E5ACF02AB failed DNS check 5/5 times
Relay 9BA8092290FC85C7E530646AA6BE63FBF80BFDF4...We got the following report this week:
```
Relay 27636C308FF0E31C1A41915A76FCD2CC8F930F64 failed DNS check 5/5 times
Relay 322E49A24F7DF9B15DD73205FCB84C8E5ACF02AB failed DNS check 5/5 times
Relay 9BA8092290FC85C7E530646AA6BE63FBF80BFDF4 failed DNS check 5/5 times
Relay E8516872CAF82CD99B6F95839E4C1AD654180F67 failed DNS check 5/5 times
Relay F77A8A221A6C86F8777169DC472C532BBA92B287 failed DNS check 4/4 times
```
Details:
```
[+] 27636C308FF0E31C1A41915A76FCD2CC8F930F64
> Addr: 2.58.56.90 - Contact: 'relaydonator[]skiff[]com' - Nickname: 'StoneCastle' - Version: 0.4.8.10
> Flags: ['Exit', 'Fast', 'Guard', 'HSDir', 'Running', 'Stable', 'V2Dir', 'Valid']
> OR Port: 443, Dir Port: 0
> Bandwidth: 14.1099 MB/s
> Uptime: 42 days, 11:28:08
https://metrics.torproject.org/rs.html#details/27636C308FF0E31C1A41915A76FCD2CC8F930F64
[+] 322E49A24F7DF9B15DD73205FCB84C8E5ACF02AB
> Addr: 184.105.48.40 - Contact: 'abuse@august.tw' - Nickname: 'AugustTORExit' - Version: 0.4.7.13
> Flags: ['Exit', 'Fast', 'Guard', 'HSDir', 'Running', 'Stable', 'V2Dir', 'Valid']
> OR Port: 443, Dir Port: 0
> Bandwidth: 4.200179 MB/s
> Uptime: 259 days, 14:02:27
https://metrics.torproject.org/rs.html#details/322E49A24F7DF9B15DD73205FCB84C8E5ACF02AB
[+] 9BA8092290FC85C7E530646AA6BE63FBF80BFDF4
> Addr: 51.222.142.67 - Contact: 'intern <me@theintern.pw>' - Nickname: 'theintern01' - Version: 0.4.8.7
> Flags: ['Exit', 'Fast', 'Guard', 'HSDir', 'Running', 'Stable', 'V2Dir', 'Valid']
> OR Port: 9001, Dir Port: 0
> Bandwidth: 5.615462000000001 MB/s
> Uptime: 138 days, 6:20:02
https://metrics.torproject.org/rs.html#details/9BA8092290FC85C7E530646AA6BE63FBF80BFDF4
[+] E8516872CAF82CD99B6F95839E4C1AD654180F67
> Addr: 191.252.92.147 - Contact: 'tor-relay.proton691@aleeas.com' - Nickname: 'favela' - Version: 0.4.8.10
> Flags: ['Exit', 'Running', 'Valid']
> OR Port: 443, Dir Port: 0
> Bandwidth: 1.524736 MB/s
> Uptime: 1 day, 12:02:15
https://metrics.torproject.org/rs.html#details/E8516872CAF82CD99B6F95839E4C1AD654180F67
[+] F77A8A221A6C86F8777169DC472C532BBA92B287
> Addr: 2.58.56.248 - Contact: 'relaydonator[]skiff[]com' - Nickname: 'StoneCastle' - Version: 0.4.8.10
> Flags: ['Exit', 'Fast', 'Guard', 'HSDir', 'Running', 'Stable', 'V2Dir', 'Valid']
> OR Port: 443, Dir Port: 0
> Bandwidth: 8.788254 MB/s
> Uptime: 43 days, 4:28:35
https://metrics.torproject.org/rs.html#details/F77A8A221A6C86F8777169DC472C532BBA92B287
```Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/core/tor/-/issues/40839MetricsPort Counter for "Bug" Events2024-03-26T07:07:34Zapplied_privacyMetricsPort Counter for "Bug" Events### Summary
Allow relay operators to monitor bug events via a MetricsPort counter
### What is the expected behavior?
Every time tor writes a block of "Bug: ..." log lines the counter should increase by 1.
This will allow us to monito...### Summary
Allow relay operators to monitor bug events via a MetricsPort counter
### What is the expected behavior?
Every time tor writes a block of "Bug: ..." log lines the counter should increase by 1.
This will allow us to monitor for such events using prometheus/alertmanager and report such events earlier.trinity-1686atrinity-1686ahttps://gitlab.torproject.org/tpo/ux/research/-/issues/22Share new material with community members to collect feedback about localized...2024-03-26T00:03:06ZGabagaba@torproject.orgShare new material with community members to collect feedback about localized versions- [x] Share the material worked during Sponsor 9, with members of the community.
- training materials
- outreach: Tor for Anti-censorship, Tor for Feminists, Tor for Human Rights, Tor for Privacy
- [x] Collect feedback about localiz...- [x] Share the material worked during Sponsor 9, with members of the community.
- training materials
- outreach: Tor for Anti-censorship, Tor for Feminists, Tor for Human Rights, Tor for Privacy
- [x] Collect feedback about localized versions.Sponsor 9 - Phase 5 - Usability and Community Intervention on Support for Democracy and Human RightsNahNahhttps://gitlab.torproject.org/tpo/network-health/metrics/networkstatusapi/-/issues/54Issues building version 0.3.12024-03-25T21:57:49ZHiroIssues building version 0.3.1I have managed to build version 0.3.1, but getting the following errors:
```
error[E0658]: `async fn` return type cannot contain a projection or `Self` that references lifetimes from a parent scope
--> /home/metrics-api/.cargo/registr...I have managed to build version 0.3.1, but getting the following errors:
```
error[E0658]: `async fn` return type cannot contain a projection or `Self` that references lifetimes from a parent scope
--> /home/metrics-api/.cargo/registry/src/index.crates.io-6f17d22bba15001f/sqlx-core-0.7.4/src/raw_sql.rs:143:10
|
143 | ) -> crate::Result<<E::Database as Database>::QueryResult>
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: see issue #103532 <https://github.com/rust-lang/rust/issues/103532> for more information
error[E0658]: `async fn` return type cannot contain a projection or `Self` that references lifetimes from a parent scope
--> /home/metrics-api/.cargo/registry/src/index.crates.io-6f17d22bba15001f/sqlx-core-0.7.4/src/raw_sql.rs:212:10
|
212 | ) -> crate::Result<Vec<<E::Database as Database>::Row>>
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: see issue #103532 <https://github.com/rust-lang/rust/issues/103532> for more information
error[E0658]: `async fn` return type cannot contain a projection or `Self` that references lifetimes from a parent scope
--> /home/metrics-api/.cargo/registry/src/index.crates.io-6f17d22bba15001f/sqlx-core-0.7.4/src/raw_sql.rs:236:10
|
236 | ) -> crate::Result<<E::Database as Database>::Row>
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: see issue #103532 <https://github.com/rust-lang/rust/issues/103532> for more information
error[E0658]: `async fn` return type cannot contain a projection or `Self` that references lifetimes from a parent scope
--> /home/metrics-api/.cargo/registry/src/index.crates.io-6f17d22bba15001f/sqlx-core-0.7.4/src/raw_sql.rs:260:10
|
260 | ) -> crate::Result<<E::Database as Database>::Row>
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: see issue #103532 <https://github.com/rust-lang/rust/issues/103532> for more information
For more information about this error, try `rustc --explain E0658`.
error: could not compile `sqlx-core` (lib) due to 4 previous errors
warning: build failed, waiting for other jobs to finish...
```Mattia RighettiMattia Righettihttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40154new TLS certificates generate an error in Let's Encrypt2024-03-25T20:05:28Zanarcatnew TLS certificates generate an error in Let's EncryptIt seems we're assuming RSA and dehydrated is giving us an EC key, which breaks some expectations:
```
remote: 140254075098240:error:0607907F:digital envelope routines:EVP_PKEY_get0_RSA:expecting an rsa key:../crypto/evp/p_lib.c:469: ...It seems we're assuming RSA and dehydrated is giving us an EC key, which breaks some expectations:
```
remote: 140254075098240:error:0607907F:digital envelope routines:EVP_PKEY_get0_RSA:expecting an rsa key:../crypto/evp/p_lib.c:469:
```
The full log:
```
torproject.net with alternative names: *.pages.torproject.net
remote: + Signing domains...
remote: + Generating private key...
remote: + Generating signing request...
remote: + Requesting new certificate order from CA...
remote: + Received 2 authorizations URLs from the CA
remote: + Handling authorization for pages.torproject.net
remote: + Handling authorization for pages.torproject.net
remote: + 2 pending challenge(s)
remote: + Deploying challenge tokens...
remote: Adding challenge '_acme-challenge.pages.torproject.net. 60 IN TXT "0-THV0y9IiRpyB2WIljXEB0m1XKXUD6DbC2jnfoDyF8"' for pages.torproject.net.
remote: Adding challenge '_acme-challenge.pages.torproject.net. 60 IN TXT "DICWz24CviBPdAPvsouHijsVZDKRc4KupDkE5ddbx4c"' for pages.torproject.net.
remote: 2021-01-28 21:42:53 /srv/dns.torproject.org/bin/update: ***** start of script *****
remote: 2021-01-28 21:42:53 /srv/dns.torproject.org/bin/update: pre flock
remote: 2021-01-28 21:42:53 /srv/dns.torproject.org/bin/update: pre git pull
remote: 2021-01-28 21:42:53 /srv/dns.torproject.org/bin/update: pre update-keys
remote: 2021-01-28 21:42:56 /srv/dns.torproject.org/bin/update: pre build-services
remote: 2021-01-28 21:42:56 /srv/dns.torproject.org/bin/update: pre for loop
remote: 2021-01-28 21:42:56 /srv/dns.torproject.org/bin/update: pre write_zonefile for 0-26.72.229.38.in-addr.arpa
remote: 2021-01-28 21:42:56 /srv/dns.torproject.org/bin/update: pre write_zonefile for 0.0.0.5.a.5.0.0.0.b.6.0.1.0.0.2.ip6.arpa
remote: 2021-01-28 21:42:56 /srv/dns.torproject.org/bin/update: pre write_zonefile for 1.0.0.0.5.0.0.0.0.0.5.8.7.0.6.2.ip6.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for 144-28.132.35.154.in-addr.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for 16-28.235.45.89.in-addr.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for 2.8.0.0.0.0.0.5.0.0.8.8.4.0.6.2.ip6.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for 30.172.in-addr.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for 64-28.132.35.154.in-addr.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for 82.229.38.in-addr.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for b.0.0.0.0.b.6.0.0.0.0.0.0.2.6.2.ip6.arpa
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for onion-router.net
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for rev
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for torproject.com
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for torproject.net
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre write_zonefile for torproject.org
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: pre dns-update
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: done!
remote: 2021-01-28 21:42:57 /srv/dns.torproject.org/bin/update: ***** end of script *****
remote: Waiting for master to update torproject.net (for _acme-challenge.pages.torproject.net) from 2021012805. Currently at 2021012806..
remote: Waiting for secondaries to update to match master at 2021012806..
remote: Waiting for secondaries to update to match master at 2021012806..
remote: Waiting for secondaries to update to match master at 2021012806..
remote: Waiting for secondaries to update to match master at 2021012806..
remote: Waiting for master to update torproject.net (for _acme-challenge.pages.torproject.net) from 2021012805. Currently at 2021012806..
remote: Waiting for secondaries to update to match master at 2021012806..
remote: Waiting for secondaries to update to match master at 2021012806..
remote: + Responding to challenge for pages.torproject.net authorization...
remote: + Challenge is valid!
remote: + Responding to challenge for pages.torproject.net authorization...
remote: + Challenge is valid!
remote: + Cleaning challenge tokens...
remote: + Requesting certificate...
remote: + Using preferred chain with CN = DST Root CA X3
remote: + Checking certificate...
remote: + Done!
remote: + Creating fullchain.pem...
remote: Calling deploy for pages.torproject.net
remote: /srv/letsencrypt.torproject.org/bin/deploy called with pages.torproject.net
remote: 140254075098240:error:0607907F:digital envelope routines:EVP_PKEY_get0_RSA:expecting an rsa key:../crypto/evp/p_lib.c:469:
remote: Warning: No /srv/letsencrypt.torproject.org/var/extra/dh-.pem file found.
remote: sending incremental file list
remote: 359 100% 350.59kB/s 0:00:00 (xfr#4, to-chk=144/357)
remote:
remote: sent 21,562 bytes received 95 bytes 43,314.00 bytes/sec
remote: total size is 1,021,877 speedup is 47.18
remote: + Done!
```
and indeed, that is a EC key:
```
root@nevii:/srv/letsencrypt.torproject.org/var/result# head -1 pages.torproject.net.key
-----BEGIN EC PARAMETERS-----
```
@weasel any idea what that might be?