From pde at eff.org Mon Apr 26 15:45:56 2010 From: pde at eff.org (Peter Eckersley) Date: Tue, 27 Apr 2010 08:45:56 +1000 Subject: [ch-dev] Switzerland design document In-Reply-To: References: Message-ID: <20100426224541.GE12532@tapdance2.reworld.org> On Fri, Apr 23, 2010 at 09:05:57PM +0300, Alex Maltinsky wrote: > Hi Peter, > > Could you please tell me how updated is the Switzerland design > document? It seems a bit old. > Is the code in the SVN a reflection of that design or have things changed? Hi Alex, I'd say the design document is about reasonably, but not entirely, accurate. There are some things that didn't get implemented; in particular, the idea of a "circle" is not currently used; currently all switzerland clients connected to a given server can see each other. There are also some tricky subjects that the design document doesn't fully describe. In particular, the way the clients respond to the "forged-in" and "forged-out" messages with "fi-context" and "fo-context" is somewhat complicated and isn't currently documentd in the design. For the time being, you'd need to refer to the code if you wanted to understand those. An area in which the design document is accurate, but the design/code turned out to be inadequate, is the sending and handling of the "active-flows" messages. It turns out that those don't contain enough information to enable the server to reliably match flows in cases where both clients are firewalled. That portion of the code will need to be redesigned/replaced with a system of more subtle heuristics if Switzerland is ever going to be a useful practical tool. -- Peter Eckersley pde at eff.org Senior Staff Technologist Tel +1 415 436 9333 x131 Electronic Frontier Foundation Fax +1 415 436 9993