Delivery-Date: Tue, 29 Sep 2015 16:41:47 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 15BDC1E0EC8;
	Tue, 29 Sep 2015 16:41:45 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 314C235DF6;
	Tue, 29 Sep 2015 20:41:39 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 2C42A32BFB
 for <tor-talk@lists.torproject.org>; Tue, 29 Sep 2015 20:41:33 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id vK6lo-GGingp for <tor-talk@lists.torproject.org>;
 Tue, 29 Sep 2015 20:41:33 +0000 (UTC)
Received: from mail.aclu-wa.org (mail.aclu-wa.org [67.50.195.170])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "mail.aclu-wa.org",
 Issuer "DigiCert SHA2 Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id EEDE432363
 for <tor-talk@lists.torproject.org>; Tue, 29 Sep 2015 20:41:32 +0000 (UTC)
X-Greylist: delayed 330 seconds by postgrey-1.34 at eugeni;
 Tue, 29 Sep 2015 20:41:32 UTC
Received: from EXCHANGE.hq.aclu-wa.org (192.168.2.4) by
 exchange.hq.aclu-wa.org (192.168.2.4) with Microsoft SMTP Server (TLS) id
 15.0.1044.25; Tue, 29 Sep 2015 13:35:58 -0700
Received: from EXCHANGE.hq.aclu-wa.org ([fe80::f493:75dc:31fd:5ae]) by
 exchange.hq.aclu-wa.org ([fe80::f493:75dc:31fd:5ae%13]) with mapi id
 15.00.1044.021; Tue, 29 Sep 2015 13:35:58 -0700
From: Christopher Sheats <csheats@aclu-wa.org>
To: "tor-talk@lists.torproject.org" <tor-talk@lists.torproject.org>
Thread-Topic: Corporate policy and procedure
Thread-Index: AdD69m2jW20tbDxfTdCvut3evRr50Q==
Date: Tue, 29 Sep 2015 20:35:57 +0000
Message-ID: <9a6091a2f3ad43669b81a7020490572f@exchange.hq.aclu-wa.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [192.168.2.104]
MIME-Version: 1.0
Subject: [tor-talk] Corporate policy and procedure
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Dear Tor Talk,

As part of my internship work with the ACLU of Washington, I'm looking for practical examples of corporate policies and procedures for:

1. Deploying Tor relays and management
2. Deploying Tor Browser on client computers and management

I will be preparing templates, and related Tor education/marketing materials, for organizations within Washington State that we want to see supporting Tor. We will also publish these materials using a public domain license for anyone to use.

For example, if a library or law office, etc, wanted to support Tor by one or both of the above examples, they might want to develop internal policies detailing how to deploy it and how to manage it. This might be important material to have in advance when advocating to managers or a board of directors.

A policy to manage a Tor relay might include:
1. Statement of purpose
2. Device access policy
3. Abuse complaints policy
4. Admin management policy
5. Isolated network zone exception policy
6. Links to any related standard operating procedures

A standard operating procedure for Tor relay management might include:
1. List of maintainers, contact information, and escalation procedures
2. Maintenance schedule
3. Management commands and expected outcomes
4. Troubleshooting steps. Reference to internal governing policy

Regarding policies and procedures for managing Tor Browser, should it be managed any differently than Firefox or Chrome? Clearly the network traffic is different from standard HTTP/HTTPS but more like HTTPS. QoS might not work at all. If companies replace client-side SSL/TLS certs for monitoring, would that affect Tor Browser? Exception policies might be prudent. Updating procedures might be different.

If your work place has any of the above documents or you have prepared similar documents in your own advocacy, please email me a copy or a redacted copy, and thank you!

--
Chrsitopher Sheats
Encryption Evangelism Intern
ACLU of Washington
901 Fifth Avenue, Suite 630
Seattle, WA 98164
https://aclu-wa.org/


-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

