Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-12T23:43:15Zhttps://gitlab.torproject.org/legacy/trac/-/issues/1545Receive documentation lists from auditors2020-06-12T23:43:15ZAndrew LewmanReceive documentation lists from auditorsReceive the documentation request from the auditors. Confirm they asked for the right data and the requests are reasonable.Receive the documentation request from the auditors. Confirm they asked for the right data and the requests are reasonable.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1546Provide requested docs to the auditors2020-06-12T23:43:16ZAndrew LewmanProvide requested docs to the auditorsBased on #1545, provide all requested documentation to the auditors.Based on #1545, provide all requested documentation to the auditors.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1547Recover provided docs from auditors2011-11-04T13:08:03ZAndrew LewmanRecover provided docs from auditorsThe follow-up to #1546 is to get all of our documentation back and filed correctly.The follow-up to #1546 is to get all of our documentation back and filed correctly.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1548Review and discuss auditor findings2011-11-04T13:08:09ZAndrew LewmanReview and discuss auditor findingsThe auditors expect to have findings which need a corrective action plan. Review and discuss severity, mitigation, and development of the CAP.The auditors expect to have findings which need a corrective action plan. Review and discuss severity, mitigation, and development of the CAP.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1549Develop a CAP2011-11-04T13:08:16ZAndrew LewmanDevelop a CAPDevelop and get the auditors to sign off on our corrective action plan, aka CAP.Develop and get the auditors to sign off on our corrective action plan, aka CAP.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1550Review the IRS 990 draft2020-06-12T23:43:19ZAndrew LewmanReview the IRS 990 draftAuditors will send over a Form 990 draft. Review and verify it is correct. False statements have legal liability attached.Auditors will send over a Form 990 draft. Review and verify it is correct. False statements have legal liability attached.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1551Accept and file IRS Form 9902020-06-12T23:43:20ZAndrew LewmanAccept and file IRS Form 990After #1550 is complete, accept and file the IRS Form 990. Share internally so everyone can see what it contains and which information is public.After #1550 is complete, accept and file the IRS Form 990. Share internally so everyone can see what it contains and which information is public.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1552Review & validate State of MA Form PC2020-06-12T23:43:21ZAndrew LewmanReview & validate State of MA Form PCBased on #1551, review and validate the Form PC for the State of MA.Based on #1551, review and validate the Form PC for the State of MA.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1553Accept & File Form PC2011-11-04T13:08:41ZAndrew LewmanAccept & File Form PCAfter #1552, accept and file the Form PC with the Attorney General of Massachusetts.After #1552, accept and file the Form PC with the Attorney General of Massachusetts.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1580restricted networks for serra2010-07-08T17:24:30ZAndrew Lewmanrestricted networks for serrarestrict ssh access to serra from select networks, rather than allowing the entire world. comcast seems to be a fine target for thousands of daily attempts.restrict ssh access to serra from select networks, rather than allowing the entire world. comcast seems to be a fine target for thousands of daily attempts.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1581configure backups on serra2010-07-02T13:13:22ZAndrew Lewmanconfigure backups on serraconfigure backups on serra for all servers in https://svn.torproject.org/svn/projects/misc-sysadmin/namelistconfigure backups on serra for all servers in https://svn.torproject.org/svn/projects/misc-sysadmin/namelistAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1679Add SPF records for torproject.org2010-07-20T17:50:06ZAndrew LewmanAdd SPF records for torproject.orgtorproject.org is missing dns spf records.torproject.org is missing dns spf records.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1681use the wildcard ssl cert for metrics.tpo2010-07-18T08:17:34ZAndrew Lewmanuse the wildcard ssl cert for metrics.tposetup apache to front tomcat and serve metrics.tpo with the wildcard ssl cert.setup apache to front tomcat and serve metrics.tpo with the wildcard ssl cert.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1683add postgreql to yatei2010-07-18T13:40:18ZAndrew Lewmanadd postgreql to yateiadd postgresql to yatei for karsten's db workadd postgresql to yatei for karsten's db workAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1695centralize munin graphs2010-07-15T20:36:21ZAndrew Lewmancentralize munin graphswe currently have both munin server and munin node running on all internal servers, we should centralize this so one server collects the data from all of the nodes.we currently have both munin server and munin node running on all internal servers, we should centralize this so one server collects the data from all of the nodes.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1697Migrate or-talk, tor-relays, or-cvs, or-dev mailings lists to torproject.org2020-06-13T00:26:17ZAndrew LewmanMigrate or-talk, tor-relays, or-cvs, or-dev mailings lists to torproject.orgWe should be running our own mailing lists @torproject.org domain, with automatic archiving and such.We should be running our own mailing lists @torproject.org domain, with automatic archiving and such.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1701torperf https2010-10-01T11:37:03Zweasel (Peter Palfrader)torperf httpshttps everywhere redirects *.tpo (with exception of archive) to https, so we should do https on torperf.https everywhere redirects *.tpo (with exception of archive) to https, so we should do https on torperf.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/1702backup pg on jepsonii2011-12-16T21:54:14Zweasel (Peter Palfrader)backup pg on jepsoniiHi helix,
I notice jepsonii has these files:
weasel@jepsonii:/srv/trac.torproject.org/trac/tor/db$ ls -la
total 191984
drwxr-sr-x 2 erinn tracadm 4096 Jul 19 15:20 ./
drwxrwsr-x 11 tracweb tracadm 4096 Jul 19 15:21 ../
-rw-r...Hi helix,
I notice jepsonii has these files:
weasel@jepsonii:/srv/trac.torproject.org/trac/tor/db$ ls -la
total 191984
drwxr-sr-x 2 erinn tracadm 4096 Jul 19 15:20 ./
drwxrwsr-x 11 tracweb tracadm 4096 Jul 19 15:21 ../
-rw-r--r-- 1 erinn tracadm 26523873 Apr 23 08:35 postgres.21.1272011675.bak.gz
-rw-r--r-- 1 erinn tracadm 55822963 Jun 9 05:16 postgres.21.1276060556.bak.gz
-rw-r--r-- 1 erinn tracadm 55823056 Jun 9 05:19 postgres.21.1276060710.bak.gz
-rw-r--r-- 1 erinn tracadm 58190324 Jul 19 15:21 postgres.21.1279552818.bak.gz
It seems to me this is exactly what we want anyway. How did you cause these files to be created?weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/1703Add new mailing list for directory authority operators2010-07-26T14:35:27ZKarsten LoesingAdd new mailing list for directory authority operatorsCan we add a new mailing list for directory authority operators dir-auth@torproject.org to notify them whenever we add a new authority or have to make other authority-related changes? The mailing list archives could be made public.Can we add a new mailing list for directory authority operators dir-auth@torproject.org to notify them whenever we add a new authority or have to make other authority-related changes? The mailing list archives could be made public.Roger DingledineRoger Dingledinehttps://gitlab.torproject.org/legacy/trac/-/issues/1704please give website push privileges to the following people2010-10-11T10:58:48ZErinn Clarkplease give website push privileges to the following peopleMe (erinn), Sebastian, and Runa.Me (erinn), Sebastian, and Runa.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/1732please create ud-ldap account for atagar2010-07-26T22:55:08ZDamian Johnsonplease create ud-ldap account for atagarI'm about to swap arm over to git, which evidently requires ldap credentials too. Here's the information weasel's requested:
name (first/middle/last): Damian Galen Johnson
preferred username: atagar
forwarding email address: the one ment...I'm about to swap arm over to git, which evidently requires ldap credentials too. Here's the information weasel's requested:
name (first/middle/last): Damian Galen Johnson
preferred username: atagar
forwarding email address: the one mentioned at http://www.atagar.com/contact/ (I'd rather not have it as plain text on trac, but recognize this is probably a lost cause)
pgp key fingerprint: 6827 8CC5 DD2D 1E85 C4E4 5AD9 0445 B7AB 9ABB EEC6
Cheers! -DamianAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1763Project: publish "10 things to think about circumvention systems" whitepaper2010-09-28T17:50:19ZNick MathewsonProject: publish "10 things to think about circumvention systems" whitepaperRoger wrote a draft whitepaper here. We should get it into publishable format so that it can get more attention.Roger wrote a draft whitepaper here. We should get it into publishable format so that it can get more attention.Deliverable-Sep2010Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1858Please dedicate a vm for torbel2010-10-01T11:09:05ZSebastian HahnPlease dedicate a vm for torbelWe need a vm for torbel and related services (check can move there eventually too). Do we have one sitting around, or can we repurpose another one? I expect high cpu load and moderate memory requirements (256mb should be fine).We need a vm for torbel and related services (check can move there eventually too). Do we have one sitting around, or can we repurpose another one? I expect high cpu load and moderate memory requirements (256mb should be fine).weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/1861please create an account for schoen2010-08-25T18:40:52ZSeth Schoenplease create an account for schoenHi,
I'm hoping to get an account to be able to use git for the HTTPS Everywhere tree which will be hosted there.
name (first/middle/last): Seth David Schoen
preferred username: schoen
forwarding email address: the same @eff.org
pgp key...Hi,
I'm hoping to get an account to be able to use git for the HTTPS Everywhere tree which will be hosted there.
name (first/middle/last): Seth David Schoen
preferred username: schoen
forwarding email address: the same @eff.org
pgp key fingerprint: FD9A 6AA2 8193 A9F0 3D4B F4AD C11B 36DC 9C7D D150
Thanks!Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1867Verified backups2012-03-10T02:59:07ZAndrew LewmanVerified backupsNick and I were discussing backups this morning. Nick wonders if there is a way to authenticate that our files have not changed once backed up, and to verify that the files are not changed in transit. The ways we can think of doing this...Nick and I were discussing backups this morning. Nick wonders if there is a way to authenticate that our files have not changed once backed up, and to verify that the files are not changed in transit. The ways we can think of doing this involve sha256 hashes of all files backed up, and verifying these hashes haven't changed periodically.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1891Add the wildcard cert to translation2011-05-21T12:11:11ZAndrew LewmanAdd the wildcard cert to translationSetup the wildcard ssl cert on translation, replacing the expired cert about which everyone complains.Setup the wildcard ssl cert on translation, replacing the expired cert about which everyone complains.https://gitlab.torproject.org/legacy/trac/-/issues/1892change the locate cronjobs to weekly2010-08-30T00:27:01ZAndrew Lewmanchange the locate cronjobs to weeklyThe system hardly changes, running the locate scripts daily kills the system for 45 minutes every day. Move them to weekly cronjobs.The system hardly changes, running the locate scripts daily kills the system for 45 minutes every day. Move them to weekly cronjobs.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/1908whhrhrhrhwrhrh2010-09-01T23:26:27ZTracwhhrhrhrhwrhrhrewgrgerge
ergegergerg
gergergregreg
gergergerger
ggergergerg
gewrgergreg
gegergergerg
**Trac**:
**Username**: basbasrewgrgerge
ergegergerg
gergergregreg
gergergerger
ggergergerg
gewrgergreg
gegergergerg
**Trac**:
**Username**: basbashttps://gitlab.torproject.org/legacy/trac/-/issues/1932Add serra and porrum to nagios2010-10-01T11:33:29ZAndrew LewmanAdd serra and porrum to nagiosPlease add serra and porrum to nagios.Please add serra and porrum to nagios.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/1939Trac Homepage should be a dev landing page2020-06-12T23:51:34ZMike PerryTrac Homepage should be a dev landing pageWe need to destroy our old wiki homepage. Or at least hide it somewhere. It is inappropriate for the landing page we are trying to use to organize development information.
I have no idea how to find the list of projects or any other ven...We need to destroy our old wiki homepage. Or at least hide it somewhere. It is inappropriate for the landing page we are trying to use to organize development information.
I have no idea how to find the list of projects or any other vendibles/buddies/projects material we hashed out from our developer meeting. Which means if I can't find it, none of our volunteers can.
It should be just a click from the trac.torproject.org page to all of our company, developer and project overview material.
Trac should no longer be about informing regular users. It sucks for that. The page tiles mean you can't even find pages with google.https://gitlab.torproject.org/legacy/trac/-/issues/1970Give Sebastian access to ferrinii and porrum2010-09-28T18:04:29ZSebastian HahnGive Sebastian access to ferrinii and porrumHey, please give me access to ferrinii for some torperf testing (just a user account should be fine for now, probably) and porrum for a torbel setup.
On porrum I'd need a Tor instance that I can configure, and I need the ability to star...Hey, please give me access to ferrinii for some torperf testing (just a user account should be fine for now, probably) and porrum for a torbel setup.
On porrum I'd need a Tor instance that I can configure, and I need the ability to start torbel as root (so that it can bind to low ports). It would be very useful if porrum didn't have any common ports open (specifically neither 80 nor 443, and maybe also port 22 and 25), or if it had a second IP address to use. For its active testing, torbel needs to open all these ports.https://gitlab.torproject.org/legacy/trac/-/issues/1977Please upgrade bahri to Squeeze2010-10-01T11:08:05ZChristian FrommePlease upgrade bahri to Squeezeweasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/1985Migrate vidalia's svn2010-10-11T10:58:40ZRoger DingledineMigrate vidalia's svnhttps://ganymede.vidalia-project.net/~edmanm/vidalia-svn.tar.gz{,.asc}
Weasel said he'd import the svn given the svn dump. We should import it as svn to start with.https://ganymede.vidalia-project.net/~edmanm/vidalia-svn.tar.gz{,.asc}
Weasel said he'd import the svn given the svn dump. We should import it as svn to start with.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/1986migrate vidalia's trac into tor's trac2020-06-13T00:07:35ZRoger Dingledinemigrate vidalia's trac into tor's tracVidalia's bugs are getting lonely because people don't look at them much.
If they were in tor's trac, I would help prioritize them and nag people to fix the important usability issues.
Bug we don't just want to import all the vidalia t...Vidalia's bugs are getting lonely because people don't look at them much.
If they were in tor's trac, I would help prioritize them and nag people to fix the important usability issues.
Bug we don't just want to import all the vidalia trac entries into our trac, because the numbers won't line up.
Maybe the best answer is to let the old trac die, and put it up somewhere in a read-only way, and add a new Vidalia component to our trac and cherry-pick the bugs we want to keep active?weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2023please provision a server/VM for Thandy testing2010-10-27T20:52:23ZErinn Clarkplease provision a server/VM for Thandy testingWe're going to start working on Thandy (https://trac.torproject.org/projects/tor/wiki/projects/Thandy) and need a server to begin testing distribution, roles, and other such things. Having a URL like thandy-test.torproject.org would be g...We're going to start working on Thandy (https://trac.torproject.org/projects/tor/wiki/projects/Thandy) and need a server to begin testing distribution, roles, and other such things. Having a URL like thandy-test.torproject.org would be good too.
Some requirements:
* three separate accounts: one for timestamping, one for me to use and upload stuff, and one to run the webserver. I'll suggest these as names: thandy-admin, thandy-upload, and thandy-www. Maybe someone (Nick) will have better suggestions.
* admin-level permissions for Sebastian and I to be able to change server configuration. For this reason it might be better to have a separate VM dedicated to Thandy stuff, though given the currently minimal resource requirements, it could be a pretty small one.
* ability to serve stuff over http/https.
Thanks!Deliverable-Mar2011weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2024Give schoen+pde write access to https-everywhere.git2010-10-07T19:32:59ZMike PerryGive schoen+pde write access to https-everywhere.gitWe need them to be able to push.We need them to be able to push.https://gitlab.torproject.org/legacy/trac/-/issues/2048Make repository syncing from cupani to jepsonii smarter2020-06-13T16:28:49ZSebastian HahnMake repository syncing from cupani to jepsonii smarterWe currently sync all git repositories from cupani to jepsonii, but instead we should only sync those listed in /srv/git.torproject.org/projects.list on cupani. Also, we should make sure that don't exist on cupani/aren't listed in its pr...We currently sync all git repositories from cupani to jepsonii, but instead we should only sync those listed in /srv/git.torproject.org/projects.list on cupani. Also, we should make sure that don't exist on cupani/aren't listed in its projects.list file anymore are removed on jepsonii, as well.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2056metrics apache config2010-10-13T12:12:26Zweasel (Peter Palfrader)metrics apache configFrom: Karsten Loesing <karsten.loesing@gmx.net>
Subject: Apache configuration on yatei
Hi weasel,
can you make two changes to the Apache config on yatei, please?
1. Apache shouldn't answer requests to /graphs/* anymore, but Tomcat
sho...From: Karsten Loesing <karsten.loesing@gmx.net>
Subject: Apache configuration on yatei
Hi weasel,
can you make two changes to the Apache config on yatei, please?
1. Apache shouldn't answer requests to /graphs/* anymore, but Tomcat
should answer these. The other redirects can remain the same.
2. Apache should set the MIME type for files in /csv/* to
text/comma-separated-values or whatever is appropriate so that browsers
display them as text files. If it's simpler to configure, Apache can set
the MIME type for all files ending in .csv to that MIME type.
Thanks!
--Karstenweasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2082Add chiiph to the developer group2010-10-19T02:32:41ZSebastian HahnAdd chiiph to the developer groupso he can modify ticketsso he can modify ticketshttps://gitlab.torproject.org/legacy/trac/-/issues/2084Convert torcheck to git2019-01-17T00:03:21ZSebastian HahnConvert torcheck to gitI want to migrate the check repository to git. People with commit access are arma, ioerror, kaner, weasel; and pootle also has access. Anyone not fine with a conversion? Runa: What needs to happen wrt i18n?I want to migrate the check repository to git. People with commit access are arma, ioerror, kaner, weasel; and pootle also has access. Anyone not fine with a conversion? Runa: What needs to happen wrt i18n?https://gitlab.torproject.org/legacy/trac/-/issues/2100Please make configuration changes to Tomcat on yatei2010-10-22T12:47:56ZKarsten LoesingPlease make configuration changes to Tomcat on yateiI need the following configuration changes on yatei:
- Copy PostgreSQL JDBC library to Tomcat's shared library directory:
```
# cp /srv/metrics.torproject.org/web/lib/postgresql-8.4-702.jdbc3.jar /usr/share/tomcat5.5/common/lib/
```
-...I need the following configuration changes on yatei:
- Copy PostgreSQL JDBC library to Tomcat's shared library directory:
```
# cp /srv/metrics.torproject.org/web/lib/postgresql-8.4-702.jdbc3.jar /usr/share/tomcat5.5/common/lib/
```
- Allow all Tomcat webapps to connect to PostgreSQL by adding the following line to the first grant block in /etc/tomcat5.5/policy.d/04webapps.policy:
```
permission java.net.SocketPermission "127.0.0.1:5432", "resolve,connect";
```
- Allow Tomcat's logger to read our logging.properties file by adding the following two lines to the last grant block in /etc/tomcat5.5/policy.d/04webapps.policy that applies to codeBase "file:${catalina.home}/bin/tomcat-juli.jar":
```
permission java.io.FilePermission "${catalina.base}/webapps/ernie/WEB-INF/classes/logging.properties", "read";
permission java.lang.RuntimePermission "setContextClassLoader";
```
- Speaking of, please give me read access to /etc/tomcat5.5/policy.d/ or provide me with current copies of the contained files for documentation purposes.
Thanks!https://gitlab.torproject.org/legacy/trac/-/issues/2155Please create an account for me2011-04-10T17:34:05ZTracPlease create an account for meI'm hoping to get an account to be able to use git for the HTTPS Everywhere tree.
name: Chris Palmer
preferred username: chris
forwarding email address: the same @eff.org
Thank you!
**Trac**:
**Username**: chrisI'm hoping to get an account to be able to use git for the HTTPS Everywhere tree.
name: Chris Palmer
preferred username: chris
forwarding email address: the same @eff.org
Thank you!
**Trac**:
**Username**: chrisweasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2165deb.torproject.org outage2010-11-08T06:40:09ZDamian Johnsondeb.torproject.org outage18:39 < atagar> helix: two of the servers in the rotation for deb.torproject.org are nonfunctional - deb-master.torproject.org (86.59.21.36) times out and mirror.netcologne.de (194.8.197.22) lacks the correct directory structure
18:39 <...18:39 < atagar> helix: two of the servers in the rotation for deb.torproject.org are nonfunctional - deb-master.torproject.org (86.59.21.36) times out and mirror.netcologne.de (194.8.197.22) lacks the correct directory structure
18:39 < atagar> the third, tor.mirror.youam.de (78.46.17.118), looks fine but it's not in the round robin
18:39 < atagar> the result is that apt-get update produces:
18:39 < atagar> W: Failed to fetch http://deb.torproject.org/dists/lucid/main/binary-amd64/Packages.gz 404 Not Found [IP: 86.59.30.36 80]
When following the steps on:
https://www.torproject.org/docs/debian.html.en
for ubuntu maverick (64 bit) the 'apt-get update' step always fails with a 404 for either the 86.59.21.36 or 194.8.197.22 ip. However, the package exists on tor.mirror.youam.de (a third mirror that's mentioned on the instructions but apparently not in the rotation). -Damian
PS. Assigning component as website since we don't have one for the repoweasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2272Tor materials for trainings2020-06-12T23:58:19ZAndrew LewmanTor materials for trainingsCreate, collate, produce educational materials about Internet censorship and using Tor for circumvention. These materials should work equally well via online access and in-person via conferences. Discussed materials are:
1. screencast...Create, collate, produce educational materials about Internet censorship and using Tor for circumvention. These materials should work equally well via online access and in-person via conferences. Discussed materials are:
1. screencasts of installing and configuring tor
1. video of a "tor talk"
1. collate tor presentations and docs into one master presentation
1. get professional artwork completed for all slides that need it
1. create animation that visually explains the concepts in the presentationDeliverable-Mar2011Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2273Training materials and sessions for train the trainers.2011-04-11T00:42:57ZAndrew LewmanTraining materials and sessions for train the trainers.Create training materials and sessions for train the trainers. Pull from the educational materials in #2272. We should have enough material to fill 3 hours of training, from start to finish. It may need to cover how the Internet works...Create training materials and sessions for train the trainers. Pull from the educational materials in #2272. We should have enough material to fill 3 hours of training, from start to finish. It may need to cover how the Internet works at a basic level through basics of information security before getting to Tor.
Materials also need to include a mix of hands-on "try it for yourself" exercises.Deliverable-Mar2011Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2277Sponsor E Phase One Deliverables2011-10-25T18:23:21ZAndrew LewmanSponsor E Phase One DeliverablesMaster ticket for all Phase One deliverables.
[[TicketQuery(parent=this)]]Master ticket for all Phase One deliverables.
[[TicketQuery(parent=this)]]Deliverable-Mar2011Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2296Create a small document that explains who to contact for security stuff2020-06-13T01:02:55ZJacob AppelbaumCreate a small document that explains who to contact for security stuffWe need to collect a small set of email addresses, gpg keys, and other information about notification of security important related updates.
For Debian - we contact Peter
For Ubuntu - we contact Jacob
For OpenWRT - we contact Jacob
For ...We need to collect a small set of email addresses, gpg keys, and other information about notification of security important related updates.
For Debian - we contact Peter
For Ubuntu - we contact Jacob
For OpenWRT - we contact Jacob
For Android - we contact Nathan and Helix
For Windows - we contact Helix
For Redhat - we contact ???
For Gentoo - we contact ???
For other distros - do we want to to contact vendor-sec and call it a day?Deliverable-Mar2011Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/2347Create mikeperry account on vescum and add to torwww2011-01-04T08:45:20ZMike PerryCreate mikeperry account on vescum and add to torwwwI need to be able to upload torbutton xpis and modify web content in htdocs/torbutton/releases.I need to be able to upload torbutton xpis and modify web content in htdocs/torbutton/releases.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2369Sponsor F phase one (May2011) deliverables2011-09-04T13:48:18ZRoger DingledineSponsor F phase one (May2011) deliverablesMaster ticket for all phase one (May 31 2011) SponsorF deliverables:
[org/sponsors/SponsorF](org/sponsors/SponsorF)
[org/sponsors/SponsorF/May2011](org/sponsors/SponsorF/May2011)
[[TicketQuery(parent=this)]]Master ticket for all phase one (May 31 2011) SponsorF deliverables:
[org/sponsors/SponsorF](org/sponsors/SponsorF)
[org/sponsors/SponsorF/May2011](org/sponsors/SponsorF/May2011)
[[TicketQuery(parent=this)]]Deliverable-Mar2011Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2387tomb needs ssh account for git rw2011-01-15T16:46:30ZThomas Benjamintomb needs ssh account for git rwtomb needs ssh account for git rwtomb needs ssh account for git rwAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2396db.torproject.org change password problem2011-02-26T14:47:25ZThomas Benjamindb.torproject.org change password problemDocumentation states to send 'Please change my Tor password'
system actually expects
'Please change my Debian password'Documentation states to send 'Please change my Tor password'
system actually expects
'Please change my Debian password'Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2443Remove Torbutton from addons.mozilla.org2020-06-13T01:02:42ZRobert RansomRemove Torbutton from addons.mozilla.orgCurrently, Torbutton is [available from addons.mozilla.org](https://addons.mozilla.org/en-US/firefox/addon/torbutton/). This listing must be removed for several reasons:
1. Nothing currently shown on the page indicates that users must ...Currently, Torbutton is [available from addons.mozilla.org](https://addons.mozilla.org/en-US/firefox/addon/torbutton/). This listing must be removed for several reasons:
1. Nothing currently shown on the page indicates that users must download, install, and run Tor in order to use Torbutton. Multiple people have been confused by this fact.
2. According to [Mozilla's privacy policy](https://www.mozilla.com/en-US/privacy-policy.html) (currently last updated June 30, 2010), addons.mozilla.org records in its logs client IP addresses and times of accesses to the site. Mozilla does not consider even IP addresses to be personally identifying information, and states that it may share the logs it collects with 'employees, contractors, service providers, and subsidiaries and related organizations'. They do not state how long these logs are preserved, or in which jurisdictions the people and organizations with access to the logs are located.
3. The description of Torbutton is long out of date (e.g. it links to bugs.tpo/flyspray for bug reports). I assume this means that we cannot update the description without significant effort.
Once the a.m.o listing is removed, we should announce the change and explain the reasons for it in a blog post.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/2514Document an iteration and write up a rosetta stone for reports2020-06-13T00:03:31ZMike PerryDocument an iteration and write up a rosetta stone for reportsI realized it's going to take some time/resources to do this agile nonsense and to explain it to everyone, so why not meta-document and track that time using agile+trac? Sounds like a plan to me.I realized it's going to take some time/resources to do this agile nonsense and to explain it to everyone, so why not meta-document and track that time using agile+trac? Sounds like a plan to me.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/2516Examine TurnRight's packages for malware2012-06-14T01:38:29ZRobert RansomExamine TurnRight's packages for malwareA Chinese blogger who calls himself/herself/itself 'TurnRight' has produced two packages containing Tor, which he/she/it has named 'EasyTor' and 'TorPack'. They are definitely not safe to use (the latest releases of both contain version...A Chinese blogger who calls himself/herself/itself 'TurnRight' has produced two packages containing Tor, which he/she/it has named 'EasyTor' and 'TorPack'. They are definitely not safe to use (the latest releases of both contain versions of Tor before 0.2.1.29 that are now believed to be remotely exploitable), they definitely infringe The Tor Project's trademark, and at least TorPack infringes The Tor Project's copyright as well (I did not find the Tor license in it with a fairly thorough search).
We should have these packages examined for malware, as the Chinese government and its accomplices have previously [distributed repackaged versions of popular software that include malware](http://www.zdnet.com/blog/government/chinese-monitoring-tom-skype-messages/4063) and [used targeted malware to attack groups which China opposes](http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.html).Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/2567Diversion time2011-02-15T14:16:46ZMike PerryDiversion timeTo be pedantic for purposes of my Agile experiment, I want to also ballpark time I spent this week being distracted by or-talk, tor node maintenance, discussing blog and infrastructure issues with Helix, etc. Not sure which component to ...To be pedantic for purposes of my Agile experiment, I want to also ballpark time I spent this week being distracted by or-talk, tor node maintenance, discussing blog and infrastructure issues with Helix, etc. Not sure which component to put this in, as it's just for my own accounting of general noise and overhead. To me, this seems to make 'Company' a good fit, but maybe that's a poor idea.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/2598create a new svn repo for internal sharing2011-02-21T20:27:12ZAndrew Lewmancreate a new svn repo for internal sharingas agreed at the mini-dev meeting, we need an internal svn repo for sharing documents and funding proposals that isn't public, but isn't as restricted as it is now.as agreed at the mini-dev meeting, we need an internal svn repo for sharing documents and funding proposals that isn't public, but isn't as restricted as it is now.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2621Please create a ldap account for chiiph2011-02-28T19:09:00ZTomas ToucedaPlease create a ldap account for chiiphBy Sebastian suggestion, I'm filling this ticket with the necessary data:
name (first/middle/last): Tomás Andrés Touceda
preferred username: chiiph
forwarding email address: chiiph @gentoo.org
pgp key fingerprint: 553D 7C2C 626E F16F 27...By Sebastian suggestion, I'm filling this ticket with the necessary data:
name (first/middle/last): Tomás Andrés Touceda
preferred username: chiiph
forwarding email address: chiiph @gentoo.org
pgp key fingerprint: 553D 7C2C 626E F16F 27F3 30BC 95E3 881D 9A75 3A6Bweasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2630make all our systems use security aware resolvers2011-12-16T23:32:04Zweasel (Peter Palfrader)make all our systems use security aware resolversProbably by installing unbound, configuring it properly, and then change /etc/resolv.conf to only ask localhost.Probably by installing unbound, configuring it properly, and then change /etc/resolv.conf to only ask localhost.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2661Find best way to fit coding convention notes into wiki2011-08-29T19:28:16ZThomas BenjaminFind best way to fit coding convention notes into wikiThe HACKING file is awesome, but it would probably be good to add the coding convention issues to the wiki as well. It may be easier for new volunteers to find. I recommend adding a link to the wiki entry to the HACKING file, and addin...The HACKING file is awesome, but it would probably be good to add the coding convention issues to the wiki as well. It may be easier for new volunteers to find. I recommend adding a link to the wiki entry to the HACKING file, and adding a link from the HACKING file to the wiki.
I will seek feedback on tor-dev as to the best way to include a link to this page from our other documentation and the front page of the wiki
Also, I categorized this ticket as Company because I think it will help maintain our institutional memory, and I couldn't find another component that seemed to fit better. If someone has a better way to categorize this please feel free to change the ticket.Thomas BenjaminThomas Benjaminhttps://gitlab.torproject.org/legacy/trac/-/issues/2671Better communication for authority operators, core developers in emergency si...2020-06-13T00:06:37ZNick MathewsonBetter communication for authority operators, core developers in emergency situations When in danger or in doubt,
run in circles, scream and shout!
- traditional motto, possibly naval.
When the bug behind #2664 happened, it took us a few hours to notice. That was bad, and #2666 is about trying to notice such si... When in danger or in doubt,
run in circles, scream and shout!
- traditional motto, possibly naval.
When the bug behind #2664 happened, it took us a few hours to notice. That was bad, and #2666 is about trying to notice such situations faster. But another problem is that even after we noticed, it still took a while to sort out who knew how best to contact which operators. Probably developers should get contacted too, so they can be available to deal with bad/urgent bugs.
We should figure out, for each authority operator and core developer[*], the best two or three ways to contact them in the case of an emergency. If these ways are not something we want to publish (e.g., phone numbers), a few people should know them, and all Tor people should know who those people are and how to contact them in a hurry.
We should have some emergency-response mechanisms in place. If communications are security-sensitive, we should have a way to deal with it in place, rather than the current approach of "send gpg-encrypted email to those people whose keys you happen to have" or "immediately go dark, use OTR to talk pairwise to people you know". Those approaches scale badly; we can probably do better.
We should also have planned responses for emergency events like "A key server looks like it might have been compromised"; "somebody has reported a vulnerability"; "somebody has disclosed a vulnerability"; "one or more authorities have gone down strangely;" "looks like the network is crashing;" and so on.
[*] "core developer" is here defined as "a developer who is likely to needed urgently when something breaks."https://gitlab.torproject.org/legacy/trac/-/issues/2673Get new cert for blog2011-03-09T03:15:36ZMike PerryGet new cert for blogblog.tp.o is in need of a new cert.blog.tp.o is in need of a new cert.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/2679Migrate tor-internal, tor-assistants, etc mailings lists to torproject.org2011-04-11T00:32:19ZRoger DingledineMigrate tor-internal, tor-assistants, etc mailings lists to torproject.orgThe migration of the public lists (#1697) is looking good.
But I'm still running on moria:
tor-assistants
tor-internal
tor-directors
tor-exec
tor-gsoc
tor-java
tor-mirrors
tor-translation
flynn
dir-auth
vidalia-svnThe migration of the public lists (#1697) is looking good.
But I'm still running on moria:
tor-assistants
tor-internal
tor-directors
tor-exec
tor-gsoc
tor-java
tor-mirrors
tor-translation
flynn
dir-auth
vidalia-svnAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2684please create tor-packagers mailing list2011-03-30T15:13:26ZErinn Clarkplease create tor-packagers mailing listPlease create tor-packagers mailing list on lists.torproject.org. According to #2296 we have a tor-security list that's meant for general security contact, but for non-security things -- such as alpha releases, and other packaging-relate...Please create tor-packagers mailing list on lists.torproject.org. According to #2296 we have a tor-security list that's meant for general security contact, but for non-security things -- such as alpha releases, and other packaging-related issues -- we need a way to notify people, perhaps a broader group, albeit with some expect overlap.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2853Review Some GSoC Proposals2011-04-05T01:06:19ZMike PerryReview Some GSoC ProposalsOver the past week, I reviewed a few GSoC proposals and spent a bit of time talking to students. This ticket is to track that effort.Over the past week, I reviewed a few GSoC proposals and spent a bit of time talking to students. This ticket is to track that effort.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/2869I need an account on ferrinii2011-04-10T17:40:52ZMike PerryI need an account on ferriniiI need an account on ferrinii in the torperf group so I can keep an eye on torperf scripts over the weekend.
Long term, we may also need some nagios scripts to keep an eye on these scripts.I need an account on ferrinii in the torperf group so I can keep an eye on torperf scripts over the weekend.
Long term, we may also need some nagios scripts to keep an eye on these scripts.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/2906Please give chiiph commit access to the website2011-04-13T15:48:43ZErinn ClarkPlease give chiiph commit access to the websitechiiph needs to be able to update the Vidalia page. Please give him commit access to the website svn. Thanks!chiiph needs to be able to update the Vidalia page. Please give him commit access to the website svn. Thanks!Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2973Mac Access for Damian2011-04-25T17:57:57ZDamian JohnsonMac Access for DamianHi, Erinn mentioned that we have a ppc osx system. Could I have an account on it? This would be handy for both arm testing and packaging.
Thanks! -DamianHi, Erinn mentioned that we have a ppc osx system. Could I have an account on it? This would be handy for both arm testing and packaging.
Thanks! -DamianAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/2990Please give rransom write access to svn.tpo/svn/projects2011-04-26T15:39:44ZRobert RansomPlease give rransom write access to svn.tpo/svn/projectsI have changes to commit to projects/articles/browser-privacy/ .I have changes to commit to projects/articles/browser-privacy/ .Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3016Please create an LDAP account for rransom2011-04-27T21:18:13ZRobert RansomPlease create an LDAP account for rransomName: Robert Ransom
Preferred username: rransom
Forwarding e-mail address: `rransom.8774@gmail.com`
OpenPGP key fingerprint:
```
pub 2048D/BCA799F0 2010-06-01
Key fingerprint = A98B 3F31 ACE6 1C64 2749 F3CB 91EF E9AA BCA7 99F0
u...Name: Robert Ransom
Preferred username: rransom
Forwarding e-mail address: `rransom.8774@gmail.com`
OpenPGP key fingerprint:
```
pub 2048D/BCA799F0 2010-06-01
Key fingerprint = A98B 3F31 ACE6 1C64 2749 F3CB 91EF E9AA BCA7 99F0
uid Robert Ransom <rransom.8774@gmail.com>
```weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3031Nick needs a copy of windows 72011-05-10T00:49:48ZNick MathewsonNick needs a copy of windows 7Hi. Please figure out the right way for me to get myself a copy of Windows 7.Hi. Please figure out the right way for me to get myself a copy of Windows 7.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3034Meetings with SponsorF partners (phase 1)2011-04-28T19:13:33ZRoger DingledineMeetings with SponsorF partners (phase 1)Some other groups are getting funding via SponsorF also, and the more we teach them about what Tor is doing and what problems need solving the better they will be able to help us save the world.
In particular, we should meet with SRI, I...Some other groups are getting funding via SponsorF also, and the more we teach them about what Tor is doing and what problems need solving the better they will be able to help us save the world.
In particular, we should meet with SRI, ISI, and the red team in phase 1 (by end-of-May).Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3046Please give nickm access to vescum & mirroradm2011-04-29T22:25:57ZErinn ClarkPlease give nickm access to vescum & mirroradm'nickm' needs write permissions to the dist directory on vescum and the ability to run the trigger-mirrors script in mirroradm since he is doing Tor alpha releases now.'nickm' needs write permissions to the dist directory on vescum and the ability to run the trigger-mirrors script in mirroradm since he is doing Tor alpha releases now.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3068Please create an ldap account for n8fr82011-05-25T22:15:13ZNathan FreitasPlease create an ldap account for n8fr8name (first/middle/last): Nathanial Freitas
preferred username: n8fr8
forwarding email address: nathan@freitas.net
pgp key fingerprint: FB5D 71D5 3650 DE05 7267
1863 85E9 B0FB 288D 35CEname (first/middle/last): Nathanial Freitas
preferred username: n8fr8
forwarding email address: nathan@freitas.net
pgp key fingerprint: FB5D 71D5 3650 DE05 7267
1863 85E9 B0FB 288D 35CEweasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3158Need a clearer policy about who gets ldap accounts2012-05-23T00:33:38ZRoger DingledineNeed a clearer policy about who gets ldap accountsatagar and I want to give torproject git repos to all the gsoc students.
I believe one needs a tor ldap account in order to get a tor git repo. True/false?
A while ago there was a concern about giving ldap accounts to people just to gi...atagar and I want to give torproject git repos to all the gsoc students.
I believe one needs a tor ldap account in order to get a tor git repo. True/false?
A while ago there was a concern about giving ldap accounts to people just to give them a git repo: "doesn't having an ldap account mean you can access systems you shouldn't need to access?" I believe it was resolved with "no, the list of who can access which system is a separate list."
Sebastian tells us that a consensus was reached at the Feb dev mtg about heuristics for who should get an ldap account. Great.
Nick and I don't remember it though. Once we collectively remember, we should write it down somewhere. (Where?)Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3191Please create a ldap account for krkhan2011-05-21T18:53:37ZDamian JohnsonPlease create a ldap account for krkhanname (first/middle/last): Kamran Riaz Khan
preferred username: krkhan
forwarding email address: krkhan <AT> inspirated.com
pgp key fingerprint:
```
atagar@odin:~$ gpg --fingerprint 489C2580
pub 1024D/489C2580 2009-07-12 [expires: 2014-...name (first/middle/last): Kamran Riaz Khan
preferred username: krkhan
forwarding email address: krkhan <AT> inspirated.com
pgp key fingerprint:
```
atagar@odin:~$ gpg --fingerprint 489C2580
pub 1024D/489C2580 2009-07-12 [expires: 2014-07-11]
Key fingerprint = 9438 94E2 052A 38AB 05A2 71A8 AA62 DA0E 489C 2580
uid Kamran Riaz Khan <krkhan@inspirated.com>
sub 2048g/DF36A10F 2009-07-12 [expires: 2014-07-11]
```
He uploaded this key to his Melange proposal and his site (http://inspirated.com/uploads/pubkey.asc) to help confirm that it belongs to the GSoC student working with us this summer.
Cheers! -Damianweasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3243Research moving from current hosting to self-hosted virtual machines2011-07-30T16:18:49ZAndrew LewmanResearch moving from current hosting to self-hosted virtual machinesWe currently are hosting many servers inside vmware. With the advent of tui, we can host our own virtual servers inside kqemu or something else similar. We should research this option. Our provider offers us colocation capability whic...We currently are hosting many servers inside vmware. With the advent of tui, we can host our own virtual servers inside kqemu or something else similar. We should research this option. Our provider offers us colocation capability which would offload their overloaded VM cluster.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3256Please create an ldap account for gsathya2011-05-21T18:54:40ZNathan FreitasPlease create an ldap account for gsathyagsathya's key is now available: 0x278E3745
name (first/middle/last): Sathyanarayanan Gunasekaran
preferred username: gsathya
forwarding email address: gsathya.ceg <AT> gmail.com
pgp key fingerprint:
pub 2048R/278E3745 2011-05-15
...gsathya's key is now available: 0x278E3745
name (first/middle/last): Sathyanarayanan Gunasekaran
preferred username: gsathya
forwarding email address: gsathya.ceg <AT> gmail.com
pgp key fingerprint:
pub 2048R/278E3745 2011-05-15
Key fingerprint = 5EBB 8FB9 5340 F060 79DA 1893 9F3E 0335 278E 3745
uid Sathyanarayanan Gunasekaran (gsathya) <gsathya.ceg@gmail.com>
sub 2048R/5CB515FC 2011-05-15
He is uploading his key to his site shortly.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3257Please create an LDAP account for blanu2011-05-21T10:22:18ZBrandon WileyPlease create an LDAP account for blanuName: Brandon Wiley
Preferred username: blanu
Forwarding e-mail address: brandon@blanu.net
uid: Brandon Wiley <brandon@blanu.net>
keyid: 2048R/A06CF24B
fingerprint: DB0C 7F15 40E9 3631 7F4D 5D9D B51D DDA7 A06C F24B
-----BEGIN PGP PUBL...Name: Brandon Wiley
Preferred username: blanu
Forwarding e-mail address: brandon@blanu.net
uid: Brandon Wiley <brandon@blanu.net>
keyid: 2048R/A06CF24B
fingerprint: DB0C 7F15 40E9 3631 7F4D 5D9D B51D DDA7 A06C F24B
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.16 (MingW32)
mQENBEzpVcsBCADRSWQdEafdlj1zgAtL4OiPOMxszM39/OalQJ3eE8yVt0n1dbf8
Mkq1tqXC25MS0QHwRUZL54AJYy/PMDbZesMy+TaYPHxhSfLlr9bbbt4xmyP8Lzig
+RpyRHu2Fka+suVCd0PAMG35r4y86/BNo7Y6nkU1ii7VjGJqEjMOKhUbXQ/f3UdQ
ARoyma/4dEUxhXgHDMEuQKhud/TWqwVj3zxb7jpnX8kZB4lDmJGVWe01hmUfHlyP
87DeV3ua8qdcIEuQ5T+TafAFHnKTetnRUa0NcbX9e/P0MW9suGLSS99/q6ti5U6C
Q9VH3fhnpD/vgcC19QANxqaFq6vYA8XusiNrABEBAAG0IUJyYW5kb24gV2lsZXkg
PGJyYW5kb25AYmxhbnUubmV0PokBOAQTAQIAIgUCTOlVywIbAwYLCQgHAwIGFQgC
CQoLBBYCAwECHgECF4AACgkQtR3dp6Bs8kuWdAgAzay2F4SFMvcECgoDAf85SkpS
RADbOqSwzDQ6UaLriN62KqHk3TG8jf7aXgq5qfLPSy55WVbhVxOuKByW+kYhgmXV
hzqFRQpl8OrOrF/Fe/Bqal7gMIXa9iWSqPn5fGZ6a2AGAT+k31I+vaN7W+ONZB7m
qJudNuUGJJLahzouWRvCcpf7HX2ug7/bZkRRa9aNiDf/ZiXKaNcDa/7Y6ArZty8y
h0XURpp6zwPe7PHF3oHGomAf0gwTOqlmE496ayoCAW+1h0m6EMvI+j3fDoBdkt2z
NT4U0iykvviRjfV/YlOHw5fmmWf5nImA+Vrp7bJXLB6pvmTotRQQg4/uxZrtDbkB
DQRM6VXLAQgA0ohrdly3IdVktMH8oP1L49K1zSTDsbqwvF2fq42GjjdIde/j+7nZ
0D3P3aNiiOCq76I6voHWMQBVhxIHS3eTlNQUA8Md6t8HjTiTP2QuWkTP1xFsV5jF
5kIFlH1a4/Mf+ggrAyESyXsYZswsPTHI++PUWYm2Ghx9LjRxXCW7FkmAnuQXe/TS
onbFcQ3U2QXPGzRj7PI//xvIpSnxe6bJni/UBumwc5drPXMu6prkoKa/ELWueLwz
BvYSFs/ai1KuJjOFDogUnqKqL4llrWfEwp/kGAXtcDh7hQTWIgavt6x2ln9oW0gq
tED251a4/bMErz4Ge1z6PF1cv+9SXmv2hQARAQABiQEfBBgBAgAJBQJM6VXLAhsM
AAoJELUd3aegbPJLO2cIAKSzkNGdzn06Xv7RbBGezzU/bMa/W2Xw07ZY5GBjorRn
US+dxj2hWk4WhqSMp8nP2i1Zdusou+saWR+PtmneG31ucPKIX3JlQbNDYZoTO3mY
M2KtYZ0MHE7/vrbzFwkuE8LvwckLD577fb2t4dCB6veqAwh1bHr60yYD5rUXiyTd
0JbNRK2EGvkVYWWxyGMSclsxi/7uV+0MgVPDBijYupIOgCeXoUA90hmhDah9vxnM
a1Bnf7tMqi/YplOIxLpiSlt6ws+kZb+2pFrQwNxzQBQNSbGv9zfvYIRVC1c3S99D
NmQ1laS6dioLTH9+8q/3UOf/XH8xDUStl4NiRNC/2fA=
=3eHe
-----END PGP PUBLIC KEY BLOCK-----weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3267New account for GSoC student jvoisin (Julien Voisin)2011-05-24T15:26:41ZMike PerryNew account for GSoC student jvoisin (Julien Voisin)I have obtained a gpg key for Julien Voisin, my GSoC student for the meta-data anonymizing toolkit project. He posted the key using his GSoc Melange account to: http://www.google-melange.com/gsoc/project/google/gsoc2011/jvoisin/26001
Do...I have obtained a gpg key for Julien Voisin, my GSoC student for the meta-data anonymizing toolkit project. He posted the key using his GSoc Melange account to: http://www.google-melange.com/gsoc/project/google/gsoc2011/jvoisin/26001
Downloading that key gives me:
pub 4096R/C48815F2 2010-10-14
Key fingerprint = F808 881C CDEE 45FD 37E9 6896 9768 FD3C C488 15F2
uid VOISIN Julien <julien.voisin@dustri.org>
sub 4096R/F9BFABC7 2010-10-14
I authenticated the fingerprint via IRC and via that url via a few Tor exits, but as of this point we have not yet verified it over any encrypted channel.
I will be attaching the GPG key I got from melange here, and will ask Julien to comment here and verify the attached key on trac is the same one he uploaded.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3269Please create an LDAP account for asn2011-05-24T07:31:28ZRobert RansomPlease create an LDAP account for asnasn (George Kadianakis) will need an LDAP account.
asn: Please provide your requested username, your real name (as you want it specified in GECOS (and possibly used elsewhere)), and the fingerprint of the OpenPGP key that should be able...asn (George Kadianakis) will need an LDAP account.
asn: Please provide your requested username, your real name (as you want it specified in GECOS (and possibly used elsewhere)), and the fingerprint of the OpenPGP key that should be able to control your LDAP account, then reassign the ticket to arma for approval (or to weasel if he has already approved it).weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3294Please create an ldap account for dcf2020-06-13T00:37:34ZRoger DingledinePlease create an ldap account for dcfname (first/middle/last): David Fifield
preferred username: dcf
forwarding email address: david at bamsoftware dot com
pgp key fingerprint: 4EA3 354B D62E BFD2 2554 C70A 0A9D EEFA 9F14 30E3
I signed his pgp key.name (first/middle/last): David Fifield
preferred username: dcf
forwarding email address: david at bamsoftware dot com
pgp key fingerprint: 4EA3 354B D62E BFD2 2554 C70A 0A9D EEFA 9F14 30E3
I signed his pgp key.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3326Write tools to make using the secteam Git repo less unpleasant2012-06-14T01:00:42ZRobert RansomWrite tools to make using the secteam Git repo less unpleasantRobert RansomRobert Ransomhttps://gitlab.torproject.org/legacy/trac/-/issues/3348Accept Donations via Bitcoin2011-06-05T23:13:04ZTom LowenthalAccept Donations via BitcoinThe Tor project solicits financial donations. Bitcoin is a pseudonymous crypto-currency. Accepting Bitcoins would allow for the receipt of donations from those who might not otherwise be able to donate openly; it would support Bitcoin, w...The Tor project solicits financial donations. Bitcoin is a pseudonymous crypto-currency. Accepting Bitcoins would allow for the receipt of donations from those who might not otherwise be able to donate openly; it would support Bitcoin, whose goals are aligned with those of the Tor project.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3352Need for a git repo2011-06-06T11:52:17ZJulien VoisinNeed for a git repoI need a git repo for my GSoC.
I think it should be public, so everyone can review my work.
My projet is the "Metadata Anonymisation Toolkit".I need a git repo for my GSoC.
I think it should be public, so everyone can review my work.
My projet is the "Metadata Anonymisation Toolkit".weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3598git rw access to tor-nagios.git2011-07-24T20:41:06ZAndrew Lewmangit rw access to tor-nagios.gitW access for tor-nagios DENIED to andrew
Can I have write access to tor-nagios.git? Thanks!W access for tor-nagios DENIED to andrew
Can I have write access to tor-nagios.git? Thanks!https://gitlab.torproject.org/legacy/trac/-/issues/3602auto-create tor versions in trac2013-09-04T15:57:35Zweasel (Peter Palfrader)auto-create tor versions in tracMaybe we should create tor versions in trac based on what kind of tags are in git.
Does that sound useful?Maybe we should create tor versions in trac based on what kind of tags are in git.
Does that sound useful?weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3603Start using smart http for git2011-07-18T14:40:42ZSebastian HahnStart using smart http for gitOn jepsonii we should start using git-http-backend for read-only access so that clones and updates via http(s) get faster.On jepsonii we should start using git-http-backend for read-only access so that clones and updates via http(s) get faster.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/3640Request for new account2011-07-25T18:07:59ZArturo FilastòRequest for new accountHello,
I would require a torproject account to access the git repository to work on a project with Jake.
These are my personal details:
name: Arturo Filastò
username: "art" or "hellais"
email address: art@fuffa.org
pgp key fingerprint: ...Hello,
I would require a torproject account to access the git repository to work on a project with Jake.
These are my personal details:
name: Arturo Filastò
username: "art" or "hellais"
email address: art@fuffa.org
pgp key fingerprint: 92D9 6CF7 172F 7830 4660 0ED8 45B8 8EAE 1A13 46E3
Sebastian and Andrew should be signing my key and other people can verify my key fingerprint tomorrow at the Tor dev meeting.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3853Support email flooding tor-assistants2020-06-13T00:30:32ZDamian JohnsonSupport email flooding tor-assistantsOk, I'm not sure if a ticket will help get the ball rolling but it's worth a shot. As everyone on tor-assistants@ knows we've been getting a flood of support email. This is most Persian, missing a subject, or otherwise easily identifiabl...Ok, I'm not sure if a ticket will help get the ball rolling but it's worth a shot. As everyone on tor-assistants@ knows we've been getting a flood of support email. This is most Persian, missing a subject, or otherwise easily identifiable but by now it's numbering in the thousands.
Considering the number of people on tor-assistants@ this is collectively soaking up a lot of time. What I understand from asking about this last week is that making a support list was blocked on getting a ticketing system, which was blocked on getting a vm, which was blocked on hardware... and that seemed like a very odd reason to not make an email list. :)
Could we please move forward with making a support@ list and shifting common sources of support queries (like get-tor) to use it?https://gitlab.torproject.org/legacy/trac/-/issues/3859upgrade trac to 0.122014-01-20T09:24:59ZErinn Clarkupgrade trac to 0.12Debian finally upgraded the version of Trac it has available to 0.12! We should figure out how to upgrade and migrate everything and do it soon. If this is a complex thing, this can be the parent ticket.
http://bugs.debian.org/cgi-bin/p...Debian finally upgraded the version of Trac it has available to 0.12! We should figure out how to upgrade and migrate everything and do it soon. If this is a complex thing, this can be the parent ticket.
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=trac;dist=unstablehttps://gitlab.torproject.org/legacy/trac/-/issues/3883Trac doesn't allow needs_information to needs_review state change2012-10-03T09:24:26ZSebastian HahnTrac doesn't allow needs_information to needs_review state changeJust had that issue in #2003. Trac doesn't offer the radio button for needs_review when a ticket is in needs_informationJust had that issue in #2003. Trac doesn't offer the radio button for needs_review when a ticket is in needs_informationErinn ClarkErinn Clarkhttps://gitlab.torproject.org/legacy/trac/-/issues/3884add me to security@2020-06-13T02:19:31ZJacob Appelbaumadd me to security@I'd like to be added to the security@ aliasI'd like to be added to the security@ aliasAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3932Create new address for GetTor second level support2011-09-10T19:15:24ZJacob AppelbaumCreate new address for GetTor second level supportI propose that we create a new email address for inclusion rather than tor-assistants@torproject.org - the influx of email is too much and I can't get signal from noise anymore.
I propose the following:
gettor-help@torproject.org
gettor...I propose that we create a new email address for inclusion rather than tor-assistants@torproject.org - the influx of email is too much and I can't get signal from noise anymore.
I propose the following:
gettor-help@torproject.org
gettor-help+de@torproject.org
While I'm fine routing it to tor-assistants as a simple forward now, I'll be able to easily filter on these email addresses.
In the future, I'd like to see gettor to handle these emails automatically - with a generic help text in all languages for gettor-help and a language specific help text with the right language code gettor-help+de - at the second level help text, I propose that we eventually introduce support@torproject.org whenever that is active.
Thus a human from Tor may still reply but at least in this case:
1) humans that want to reply will get the messages
2) humans that *don't* want the messages will be able to easily filter
3) all users get some help automatically
4) anyone who needs additional help can email after having all the information we might send them in the first placeAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3939please create a tor-qa list2011-09-16T02:46:22ZErinn Clarkplease create a tor-qa listIt's me vs. 1000 tor packages. I am not keeping up and I don't think tor-talk is the right list to do QA.
I'm going to see if I can get some volunteers to help me out, short-term (the next three months) and see how it works out, but th...It's me vs. 1000 tor packages. I am not keeping up and I don't think tor-talk is the right list to do QA.
I'm going to see if I can get some volunteers to help me out, short-term (the next three months) and see how it works out, but there is no way we're not going to need QA after that time period, so I think we need a list specifically for this purpose.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/3999add helix and mikeperry to check group2011-09-12T08:58:12Zweasel (Peter Palfrader)add helix and mikeperry to check groupMon 10:52:19 <kaner> weasel: can you add mikeperry and helix to the check group? :)
Mon 10:52:32 <kaner> pleaseMon 10:52:19 <kaner> weasel: can you add mikeperry and helix to the check group? :)
Mon 10:52:32 <kaner> pleaseAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/4021mailinglist auto moderate2011-09-21T03:40:28Zweasel (Peter Palfrader)mailinglist auto moderateit looks like some lists are not really getting moderated.
Maybe we should try to auto-moderate things like tor-dev.
By automoderate I mean:
- send all mail that isn't from subscribers to a script.
- that script pipes the mail into s...it looks like some lists are not really getting moderated.
Maybe we should try to auto-moderate things like tor-dev.
By automoderate I mean:
- send all mail that isn't from subscribers to a script.
- that script pipes the mail into spamassassin.
- if it scores badly, discard it right there
- if it scores as ham, approve the mail
- only if it's borderline bound it to a human moderator.
- the human moderator would have to approve/discard the mail
by bouncing it to one of two addresses. No more using the web interface.
If we want that I can set it up.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/legacy/trac/-/issues/4046Add aagbsn and rransom to tor-exitscanner2011-11-03T16:38:07ZMike PerryAdd aagbsn and rransom to tor-exitscannerWe need aagbsn at extc org, exitscanner extc org and rransom.8774 at gmail com added to the tor-exitscanner list.
rransom: do you want your scanner to send mail from a separate account? Both will need to be subscribed in that case.We need aagbsn at extc org, exitscanner extc org and rransom.8774 at gmail com added to the tor-exitscanner list.
rransom: do you want your scanner to send mail from a separate account? Both will need to be subscribed in that case.Robert RansomRobert Ransomhttps://gitlab.torproject.org/legacy/trac/-/issues/4049make ldap account for aagbsn2011-09-20T19:09:41ZRoger Dingledinemake ldap account for aagbsnWe should make an account for aagbsn so he can have a gitweb aagbsn/bridgedb.git repo.We should make an account for aagbsn so he can have a gitweb aagbsn/bridgedb.git repo.weasel (Peter Palfrader)weasel (Peter Palfrader)https://gitlab.torproject.org/legacy/trac/-/issues/4053please give dererk upload access to the deb.tpo repo2011-10-23T22:37:37ZErinn Clarkplease give dererk upload access to the deb.tpo repodererk has been maintaining Vidalia in the Debian proper repositories for a while now, and he's also recently been working on torctl and arm with atagar. My own packaging dancing card is too full as it is, so I asked him if he'd be willi...dererk has been maintaining Vidalia in the Debian proper repositories for a while now, and he's also recently been working on torctl and arm with atagar. My own packaging dancing card is too full as it is, so I asked him if he'd be willing to take care of the Vidalia packages in our repos (for all suites / architectures) and he said he would.
Can we give him access to the deb.tpo repo? I'm not sure if he has access to build machines that are sufficient for building all of these packages, but we should probably give him access to dixie's build infrastructure (all the chroots, sbuild-stuff, etc.) as well.Ulises VitulliUlises Vitullihttps://gitlab.torproject.org/legacy/trac/-/issues/4078Herd wombats into writing a proposal for #29052011-10-26T00:58:56ZMike PerryHerd wombats into writing a proposal for #2905I foolishly offered to try to help everyone untangle #2905 and related tickets (there are like 3 or 4 now, I think?) into a proposal document. The issue touches too many components, and I think we're epically lost in confusion as a resul...I foolishly offered to try to help everyone untangle #2905 and related tickets (there are like 3 or 4 now, I think?) into a proposal document. The issue touches too many components, and I think we're epically lost in confusion as a result.
I commit to providing an outline of our plan and/or minutes as part of my herding responsibilities.
I do not (yet) commit to writing the entire proposal.Mike PerryMike Perry