update on Tahoe/Tor/Foolscap integration

Tue Sep 1 15:56:28 UTC 2015

Dear David:

Please don't send posts to the tahoe-dev mailing list which contain
criticisms of other people's behavior. I want people to continue to
feel free to post to this list, expecting a kind and friendly
response. This isn't because I have some kind of religious preference
for kindness — it is a strategy: I think that in the long run we'll be
more effective at protecting people from surveillance and exploitation
if our mailing list is a friendly and encouraging place to
collaborate.

Now, if I understand your feelings correctly, you are understandably
frustrated at the many years of delay, and the many exhausting
meetings that we've recently had about this, and the fact that you've
already spent many hours writing code intended for this goal which
subsequently had to be thrown out due to conflicting design issues.
I'm concerned about those things, too.

The bottom line is that we're going to remove the "auto-detect my IP
address" feature, even though, as Paul, Daira, and Lukas have written,
it is valuable to some users. The auto-detection of IP address feature
currently only works in specific cases (as discussed in this thread,
it currently doesn't work when you're behind NAT, which is usually),
but more importantly, we need to stop supporting that feature in order
to be able to do other, more important things.

Unfortunately, we don't have the time and mental bandwidth to support
that feature as well as the Tor/I2P additions, and we also don't have
the time and mental bandwidth to revisit that decision at this point.

I want to thank Paul Rabahy for his long history of contributions to
the project: operating the test grid, participating in chats, helping
others with questions on the mailing list, and providing user
feedback. It is very valuable to know what features are being used and
how important those features are to people. Even though I'm not going
to revisit the decision to deprecate the auto-detection-of-IP-address
feature, I think it is very valuable to know *just how much it hurts*
to lose the functionality, because for one thing we might be able to
put it back in a better way in the future, possibly even by leveraging
the new Tor functionality…

Regards,

Zooko

P.S. For archaeologists who want to delve into the history, here is a
post I wrote three years ago suggesting that we were occupying an
"uncanny valley" of half-assed peer-to-peer and that we should head
toward full-assed peer-to-peer or full-assed client-server:

https://tahoe-lafs.org/pipermail/tahoe-dev/2012-July/007533.html

But, the reason we're making this change today is not primarily
because of that argument, but primarily because David needs a clear
and committed design direction so that he can drive forward on
implementing Tor integration, and Brian is driving this design, and
Brian decided, after exploring quite a wide spread of engineering and
usability trade-offs, to go for this design. So it is actually mostly
Brian's decision, and I'm putting my weight behind it in this email in
large part just because I think it is good for the project is Brian
feels like he can make decisions, and they stick, and he doesn't have
to spend *too* much time arguing for them. (Although he is certainly
always diligent about posting justifications for such decisions.)