Deliverables
-
Documentation
- TorBirdy Design Document (see #8775 (closed)).
- Details TorBirdy's design and the Thunderbird preferences we change (the ''what'' and the ''why'').
- Create end-user documentation that details the steps required for
users to use and configure TorBirdy. See #6446 (closed).
- This should cover Windows (#8909 (closed)), Linux (#8910 (closed)), OS X (#8911 (closed)), with screenshots of the installation process.
- The idea is to make it easy for '''anyone''' to use TorBirdy, not just advanced users.
- Document the testing steps for motivated and regression testers by providing a detailed feature list, test cases and expected behavior. See #7060 (closed).
- Write a detailed FAQ that handles the most frequently asked
questions, such as:
- "Why don't you allow changing Thunderbird settings when TorBirdy is enabled?"
- "Why is automatic checking of emails disabled and how do I enable it?"
- TorBirdy Design Document (see #8775 (closed)).
-
Thunderbird Patches
- Work on getting our patches accepted by Mozilla; given the current
feedback, this probably involves rewriting them. This is very important
as these patches will plug the two (currently) known leaks in TorBirdy.
- See tickets #6314 (closed), #6315 (closed) and https://bugzilla.mozilla.org/show_bug.cgi?id=776397.
- Work on getting our patches accepted by Mozilla; given the current
feedback, this probably involves rewriting them. This is very important
as these patches will plug the two (currently) known leaks in TorBirdy.
-
Security Audit
- The last time we audited TorBirdy was when we released v0.0.3 one
year ago. We should do this again and preferably after every release to
make sure that we are safe from any sketchy features Thunderbird
introduces with every new release.
- Review overall security, check existing and new preferences.
- Review some popular add-ons (such as Lightning, see #6319 (closed)) to make
sure they are safe to use.
- As "some add-ons" is a broad term, starting with #6319 (closed) is a good idea...
- After that, we should have a system where we are open to reviewing new add-ons if someone requests them.
- The last time we audited TorBirdy was when we released v0.0.3 one
year ago. We should do this again and preferably after every release to
make sure that we are safe from any sketchy features Thunderbird
introduces with every new release.
-
HTTP Proxy
- GPG has no SOCKS5 support, so we need a HTTP proxy for
TorBirdy for the Enigmail traffic. See #6974 (closed).
- There are two possible solutions:
- ship a HTTP proxy with TorBirdy,
- use a JavaScript HTTP proxy. See #6958 (closed).
- There are two possible solutions:
- GPG has no SOCKS5 support, so we need a HTTP proxy for
TorBirdy for the Enigmail traffic. See #6974 (closed).
-
Integrating Tor
- Right now, we are assuming the user has Tor installed before running TorBirdy, and if not, we ask the user to install it separately. We should start shipping Tor with TorBirdy as a single package, for each platform that we support. See #8936 (closed).
- [https://gitweb.torproject.org/tor-launcher.git tor-launcher] (the Vidalia replacement) is under active development and will be used to launch Tor for the TBB. We should use that for TorBirdy by either contributing to its development so that it supports Thunderbird out of the box, or just hack it to make it work for us.
- For the Tor binaries, we should either just get them from TBB, or start compiling them ourselves. This is open for debate.
- Right now, we are assuming the user has Tor installed before running TorBirdy, and if not, we ask the user to install it separately. We should start shipping Tor with TorBirdy as a single package, for each platform that we support. See #8936 (closed).
-
Miscellaneous Tasks
- Finish packaging TorBirdy for Debian. See #8030 (closed).
- Design a simple webpage that points to the relevant documentation. See #6017 (closed).
- Finalize TorBirdy's logo. See #6016 (closed).
Tickets
[[TicketQuery(keywords~=SponsorT,format=table,col=id|summary|keywords|owner|component)]]