#tor-dev log

17:59:29 <GeKo> #startmeeting tor-browser
17:59:29 <MeetBot> Meeting started Mon Apr 18 17:59:29 2016 UTC.  The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:59:29 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
17:59:41 <GeKo> hi everyone!
18:00:05 <GeKo> i guess we start with the usual status updates. who wnats to go first today?
18:00:12 <GeKo> *wants even
18:00:47 <GeKo> i can start this time i guess
18:01:13 <GeKo> this week i worked on the OS X signing and it seems our code-signing is working now
18:01:36 <GeKo> #18820 is left and i currently have no clue how to solve that efficiently
18:01:48 <GeKo> ideas are very welcome!
18:02:12 <GeKo> there is one caveat: timestamping is not working as our signing box is locked down
18:02:31 <GeKo> this was already a pain in the ass wrt the windows bundles
18:02:43 <GeKo> but i guess this time it will even be more fun to get right
18:03:11 <GeKo> but this is no blocker for now; definitely not for the alphas
18:03:36 <GeKo> then i worked on getting our esr45 branch into shape: tor-browser-45.0.2esr-6.x-1 should be it
18:03:59 <GeKo> thanks for everybody who has been helping with #15197 and friends
18:04:06 <GeKo> *thanks to
18:04:27 <GeKo> then i worked a bit on the OTF proposal and had to deal with bug bounty stuff
18:05:07 <GeKo> i finished #13419 and #14970
18:05:33 <GeKo> the former is actually closing two affected bugs as well, so, yay!
18:05:53 <GeKo> and finally, i worked on the network audit issues
18:06:23 <GeKo> this week i'll continue to address all remaining issues there and do reviews + prepare releases i guess
18:06:33 <GeKo> that's it for now
18:07:15 * mcs will go next
18:07:24 <mcs> Last week, Kathy and I filed tickets for the “stuff we should fix” items from #18546.
18:07:32 <mcs> We worked on all of them (#18799, #18800, #18801, #18802).
18:07:42 <mcs> #18800 still has status “Needs Information” but the other tickets are closed.
18:07:49 <mcs> For #18800, we will probably just proceed and develop a patch that always uses 127.0.0.1 for the IP address (feedback is welcome).
18:07:56 <mcs> We also rebased the patch for #18777 last week.
18:08:00 <mcs> Last but not least, we reviewed a bunch of ESR45 fixes.
18:08:06 <mcs> This week we will create a patch for #18800 and we will work on other ESR45 issues.
18:08:11 <mcs> For example, we could start looking at #16673 if no one else is working on it.
18:08:17 <mcs> That’s all for us.
18:08:32 <GeKo> looking at that one would be helpful, yes
18:08:37 <mcs> OK
18:08:54 <GeKo> might be hard to get it isolated in time
18:09:13 <GeKo> so, we probably have to go the disabling road for now. but who knows :)
18:09:47 <arthuredelstein> I just posted a disabling patch for #16673 because it was very simple
18:10:06 <mcs> Ah, that’s good.
18:10:24 <mcs> Is isolation going to be really hard or is it an unknown?
18:10:47 <arthuredelstein> I haven't looked at the implementation yet.
18:10:51 <mcs> (and maybe there are other things Kathy and I should work on this week instead)
18:10:52 <mcs> OK
18:11:17 <mcs> GeKo: Feel free to adjust our priorities as needed.
18:12:01 <GeKo> ok. tbb-6.0a5 looks not that bad. i guess feel free to look at the stuff taht you think is most severe and tagged with ff45-esr
18:12:06 <mikeperry> I think alt-svcs only makes sense if we're going to enable all of http/2. and making sure the features that are enabled are safe and working properly probably takes higher priority.
18:12:18 <GeKo> like stuff you want to see geeting an alpha testing exposure
18:12:33 <mcs> GeKo: Sounds good.
18:12:44 <GeKo> *getting even
18:13:19 <GeKo> mikeperry: good point
18:15:15 * amoghbl1 wonders if he can go next
18:15:24 * arthuredelstein will go after amoghbl1
18:15:47 <amoghbl1> OK, so as of last week, we got down a stable build of Orfox
18:16:16 <amoghbl1> n8fr8 is working on the security patches related to that that were brought up with the thread with the mozilla folk
18:16:56 <amoghbl1> Based on which ones he sees required for the present update we have scheduled, he will work on those and get something out quick
18:17:28 <amoghbl1> As for ESR45, I think we are going to have to wait until all the tbb patches land to work on it
18:18:21 <mikeperry> amoghbl1: when you get to ESR45 (we should have an alpha out for it in the next week), you should keep an eye on #18546 FYI. there are some things there that may affect android. I will be updating it with more stuff this week, but all the remaining stuff is cross-platform (and low risk)
18:18:53 <GeKo> i think you can start with tor-browser-45.0.2esr-6.x-1 for testing purposes
18:19:36 <GeKo> we might add some android related patches coming from #18546 but the vast majority of our patches is already there
18:20:05 <amoghbl1> thanks for the pointer mikeperry.
18:20:22 <amoghbl1> And yes, I will be able to start testing once tor-browser-45.0.2esr-6.x-1 is out
18:21:01 <amoghbl1> I've mentioned a rebase work section in my GSoC proposal, but looks like we got that down last week, so I could use that time to work on things related to esr45
18:21:25 <amoghbl1> That's it from me!
18:23:24 * arthuredelstein can go now
18:23:29 <arthuredelstein> Last week I worked on finishing up patches for #15197.
18:23:38 <arthuredelstein> And I did some work on #18741.
18:23:50 <arthuredelstein> It seems that there is some apparently redundant favicon code that I can comment out to get rid of the problem, but I'm trying to understand it more deeply.
18:24:12 <arthuredelstein> I also worked on #16998 and #16326. I hope to post patches for these later this week.
18:24:38 <GeKo> do we need something for #16326?
18:24:50 <GeKo> or are we lucky here with the existing stuff we have?
18:25:09 <arthuredelstein> It seems to be OK but I want to have a patch for our caching regression test.
18:25:22 <GeKo> ok
18:26:55 <arthuredelstein> So this week I'll try to finish up those patches and if there is any more time, I'll take on any other needed tbb-6.0a5 ticket.
18:26:58 <arthuredelstein> That's it for me
18:27:56 <mikeperry> for the OTF proposal, do we have a clear set of options for more secure updater work? I am reluctant to list it given the somewhat uncertain state of getting Prop@227 into Tor and reliably performed by dirauth operators. That doesn't mean we can't do it, it just means it's risky to list as a deliverable
18:28:09 <mikeperry> prop#227, even
18:29:39 <mikeperry> oh, I guess it was implemented in tor-core. mised that :). still it will need scripts/plumbing/coordination with dirauth operators, and some tricky logic for deciding what to do if there are byzantine failures causing omissions of the hash url, etc
18:30:33 <mikeperry> I could easily see a long and annoying "experimental" phase for such a thing. and if dir-auths decide to riot about the scripts being too sketchy or too much work or whatever, we'd be in trouble
18:30:45 <GeKo> yes, we could think about #13730 or #17216
18:30:50 <mikeperry> do we have alternatives for it?
18:30:59 <mikeperry> ah, ok
18:31:09 <GeKo> and i thought we should evaluate the things mentioned in leif's piece
18:31:56 <GeKo> so, my idea was having a throught analysis phase where we put all the ideas floating around on the table
18:32:20 <GeKo> and then we pick one that seems best to us at the moment and get that done
18:33:24 <GeKo> *thorough
18:33:25 <mcs> Being smart about our options seems like a good idea.
18:33:59 <mcs> We want to make sure we add value rather than make the updater less reliable somehow
18:34:06 <mcs> (so secure it doesn’t work?)
18:34:40 <GeKo> exactly. there are a bunch of ideas available where i'd like exactly against which threats they are helping
18:35:02 <GeKo> bah, *to know exactly
18:35:10 <mikeperry> we may be transitioning to a CDN for the packages themselves, so even that may require some security consideration
18:35:18 <GeKo> indeed
18:35:33 <mikeperry> for example, the pings to get the new files + hashes should probably not come from that CDN, but a hiddenservice or separate pinned HTTPS cert
18:35:49 <mcs> There are also some implementation tradeoffs because whatever we do will probably involve additional core browser patches.
18:36:01 <mikeperry> so, ok. work will definitiely happen there anyway
18:36:10 <GeKo> yes
18:37:45 * boklm will give an update next
18:37:58 <boklm> This past week I finished converting all Mozmill tests to Marionette (#16009)
18:37:59 <boklm> This week I'm planning to work on #17895, #18597, #18845
18:38:10 <boklm> I will also look at #18820 to see if I have some ideas on how to solve this
18:38:21 <boklm> That's it for me.
18:39:21 <GeKo> re #17895: just getting nsis cross-compiled and used for our bundles would be enough for the alpha i think
18:39:34 <boklm> ok
18:39:40 <GeKo> we can test the other stuff during build (hehe) and in the coming weeks
18:40:03 <GeKo> and thanks for stepping up
18:40:21 <GeKo> i should have delegated that one earlier i guess :(
18:40:49 <GeKo> it almost dropped from my radar but coderman came to the rescue
18:42:59 <GeKo> so, who is left? mikeperry?
18:43:03 <mikeperry> ok, so this OTF proposal has a soft submission date of Wednesday. I am hoping to get everything on the TBB side in shape for GeKo by then, but both isabela and I are occupied with other stuff this week, so we probably will need the extra time. I am thinking we should circulate it among the team first, if we can, also, but time pressure may prevent that
18:45:47 <mikeperry> other than that, I will be finishing the Firefox networking review. but like I said, the remaining stuff is all just the XPCOM usage of networking functions. low-risk. mostly only addons use that stuff
18:47:14 <GeKo> okay. is anyone else here for status updates? do we have discussion topics today? questions?
18:49:39 <GeKo> thanks everybody *baf*
18:49:43 <GeKo> #endmeeting