#tor-meeting log

16:59:16 <ahf> #startmeeting Network team meeting, 24 January 2022
16:59:16 <MeetBot> Meeting started Mon Jan 24 16:59:16 2022 UTC.  The chair is ahf. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:59:16 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:59:18 <ahf> hello hello
16:59:22 <nickm> hello everybody!
16:59:40 <ahf> pad is at https://pad.riseup.net/p/tor-netteam-2022.1-keep
16:59:41 <jnewsome> o/
16:59:49 <ahf> i just got out of a meeting so 2 sec then i'll be ready
17:00:10 <mikeperry> o/
17:00:20 <Diziet> o/
17:00:25 <dgoulet> hi
17:01:00 <ahf> ok
17:01:14 <ahf> how are folks doing with their boards?
17:01:15 <GeKo> hi
17:01:27 <eta> o/
17:01:36 <ahf> o/
17:01:42 <juga> o/
17:01:51 <nickm> ahf: doing fine.  GOing to run out of arti stuff in a bit, but when I do I'll confer with eta and Diziet :)
17:02:08 <Diziet> We have a fine backlog for you :-).
17:02:28 <dgoulet> Hsv3? :P :P
17:02:28 <ahf> LOL Diziet <3
17:02:29 * eta is doing okay
17:02:37 <ahf> nickm: very nice
17:03:02 <nickm> .msg dgoulet don't tell anybody about our secret weekend hacking sessions
17:03:04 <nickm> ;)
17:03:19 <ahf> hehe
17:03:24 <dgoulet> ehhe
17:03:26 <ahf> dgoulet: any updates on tor.git releases?
17:04:04 <dgoulet> yes yes
17:04:08 <dgoulet> 0.3.5.18 releasing today
17:04:11 <dgoulet> LAST ONE of the series
17:04:17 <dgoulet> dying in 7 days
17:04:21 <dgoulet> that is about it ;)
17:04:36 <ahf> very nice, the chance of some critical bug arriving in the next week is probably above 9000% now then
17:05:10 <dgoulet> I'll let mikeperry update us about 047 future and CC
17:05:12 * dgoulet done
17:05:23 <ahf> let's do that in s61
17:05:25 <ahf> ok
17:05:36 <ahf> nothing bad coming in from other teams
17:05:43 <ahf> (nothing good either, very neutral)
17:06:00 <ahf> thanks all for being so fast at responding to the 1:1 meeting scheduling. i'll write out about that today/tomorrow
17:06:16 <ahf> we have a discussion item from nickm:
17:06:18 <ahf> [2022-01-24] Arti security policy needs finalization; we're discussing one paragraph. Are we all okay with https://gitlab.torproject.org/tpo/core/arti/-/issues/237#note_2770790 or https://gitlab.torproject.org/tpo/core/arti/-/issues/237#note_2771607 ? -nickm
17:06:55 <nickm> FWIW I am fine with either version, but since it's a team-policy issue it's best if we all agree
17:07:44 <dgoulet> I gave a thumbs up earlier
17:08:08 <Diziet> IME with the Xen Project the scope of security policy stuff like this is mainly to decide "shall we issue an advisory", "shall we take the patch" type questions
17:08:18 <ahf> i don't have a strong opinion about that :o
17:08:44 <ahf> i think eta's last line is sensible and gives us a bit more freedom to decide in the situations?
17:08:49 <Diziet> We don't do advisories yet for arti I think ?  So it's largely a question of what we intend, and what patches we'll take
17:09:48 <Diziet> I am fine with eta's wording.  I think what that means is that if we *discover* an upstream vuln we at least might mention it somewhere or bump our Cargo.toml or something.
17:10:04 <ahf> i hope you don't do advisories, but we have seen before with tor.git that people does CVE's "on us" with their own stuff that forces us to respond to something we care little about
17:10:10 <Diziet> And we would take a patch if it wasn't awful.
17:10:12 <ahf> ya
17:10:25 <nickm> ok. If everbody's okay with eta's version I'll merge it onto the wiki
17:10:30 <ahf> cool
17:10:34 <eta> I intended it as "we take responsibility for our code and our dependencies as specified in Cargo.lock, but if you change dependency versions that's on you"
17:10:35 <nickm> and call that a policy
17:10:49 <ahf> yeah
17:10:52 <ahf> ok, very good
17:10:57 <ahf> mikeperry: wanna do s61 sync?
17:11:12 <mikeperry> kk
17:11:35 <mikeperry> so it has been a while since the last irc meeting
17:12:02 <mikeperry> I have been finishing off the parameter tuning thanks to lots of extra runners via jnewsome's credit. pretty much done there
17:12:11 <ahf> nice
17:12:34 <mikeperry> dgoulet and I have exit and onion service negotiation branch. I ran a sim with it over the weekend (exit-only tho). it worked!
17:12:50 <mikeperry> we will be preparing that for review and updating the spec this week
17:13:25 <mikeperry> with that branch, the next round of sims will do various tests to ensure it is ready for an alpha 0.4.7 release: https://gitlab.torproject.org/mikeperry/tor/-/blob/cc_shadow_experiments_v2/SHADOW_EXPERIMENTS.txt#L868
17:13:29 <mikeperry> (Round 5)
17:13:46 <mikeperry> the main priority is making sure we sim onion services, which jnewsome has been working on
17:14:12 <mikeperry> I need to look over that still tho
17:14:31 <mikeperry> jnewsome: I am guessing the graphing onion service perf results still needs to be done? will that be hiro?
17:14:35 <ahf> ok so we need more eyes on the negotiation code at some point this week?
17:14:53 <jnewsome> mikeperry: that's my understanding
17:15:23 <mikeperry> ahf: yeah. dgoulet is looking over my changes for onion service path length params, and then we will make an MR and mark it needs review
17:15:39 <mikeperry> I will also update the spec with the new default params from simulation, which are also updated in that branch
17:15:46 <jnewsome> the PR for adding onion service support to tornettools is ~done. just sent it back to Rob for review. And I have a PR+branch of our sims that use that, with some onion services added
17:15:51 <ahf> sounds good
17:16:16 <mikeperry> jnewsome: ok. this is for background traffic? can we tune the % of that?
17:16:35 <jnewsome> it adds both bg traffic and perf clients. yes, it's tunable
17:16:40 <mikeperry> nice
17:17:09 <ahf> ah nice that rob is in on it too
17:17:10 <ahf> cool
17:17:49 <mikeperry> Gaba wrote a draft of the quarterly report and sent me a link. I see GeKo has some updates for it?
17:17:56 <mikeperry> GeKo: do you have the links from gaba?
17:18:02 <mikeperry> the nextcloud ones
17:19:17 <GeKo> yes
17:19:31 <GeKo> there are sections i need to fill in to O4 i think
17:19:38 <GeKo> and some indicators that are still missing
17:19:42 <GeKo> i'll address that tomorrow
17:19:53 <GeKo> the doc is at https://nc.torproject.net/s/2siCpFxXkzTASXp
17:20:06 <mikeperry> ok. yeah, I am also not sure if Gaba filtered out the perf time periods from when we had the DoS and bad relay removals
17:20:19 <gaba> i still did not. I also need some numbers from hiro
17:20:20 <GeKo> the indicators are at https://nc.torproject.net/s/HWNLp4Etf34tM9Z
17:20:55 <GeKo> yeah, i'll update the ticket for gaba, too
17:21:09 <GeKo> so we have the exact dates for those indicidents
17:21:26 <GeKo> i guess i'll do that direct after the meeting
17:21:43 <mikeperry> I lost that ticket we were tracking those things in.. bleh
17:21:47 <mikeperry> what was it again?
17:21:58 <GeKo> https://gitlab.torproject.org/tpo/network-health/team/-/issues/161
17:22:33 <GeKo> i am not sure how we want to deal with the censorship in russia part
17:22:34 <mikeperry> ah great, thanks
17:22:44 <GeKo> that started like begin of december
17:22:57 <GeKo> but i am not sure if the potential perf impact is enough to get filtered out
17:23:21 <GeKo> hard to say without having done some analysis :)
17:23:29 <mikeperry> hrm, yeah likely that did not make anything go haywire wrt perf
17:23:39 <GeKo> that would be my assumption, too
17:24:14 <mikeperry> we did start getting some attacks again, but I think those weren't until Jan
17:24:27 <GeKo> i think so, yes
17:25:05 <GeKo> gaba: can you create an org-wide gitlab label "Performance Impact" where we can tag tickets with in different projects?
17:25:19 <GeKo> mikeperry: so for that ticket i think we should just take the first three items i listed
17:25:27 <GeKo> and go with those for this report
17:25:38 <mikeperry> GeKo: yeah, that sounds good
17:26:20 <gaba> geko: yes
17:26:40 <ahf> anything else for today?
17:27:05 <mikeperry> I think that's it. I will follow up with jnewsome and maybe hiro after
17:27:27 <ahf> sounds good, please poke network-team in @tpo/core on GL when there is stuff to review 8)
17:27:41 <ahf> ok, thanks all for the meeting. see you at our next sync on thursday o/
17:27:45 <ahf> #endmeeting