164a165
>   <a href="#wget">Wget</a>
166a168,265
> <h3 id="wget"><a href="http://www.gnu.org/software/wget">Wget</a></h3>
> <p>GNU Wget is a free software package for retrieving files using
>   HTTP, HTTPS and FTP, the most widely-used Internet protocols. It is
>   a non-interactive commandline tool, so it may easily be called from
>   scripts, cron jobs, terminals without X-Windows support, etc.
> </p>
> 
> <h4> FTP Server for Test Suite</h4>
> 
> <p>
>   <b>Brief Explanation:</b> GNU Wget requires a FTP Server implementation that
>   implements all the relevant features from RFC 959 for testing Wget as a FTP
>   Client. While we have a couple of ideas on how this can be done, the student
>   is also expected to come up with their own ideas.
>   <br />
>   <br />
>   <b>Expected Results:</b> At the end of the project, we expect a functioning
>   FTP Test Suite that integrates with the already existing set of Python3 based
>   HTTP Tests. We should be able to test Wget for not only standards compliant
>   responses but for erroneous responses as well.
>   <br />
>   <br />
>   <b>Knowledge Prerequisites:</b> This will largely depend on the specific path
>   chosen by the student. However, we expect that a basic knowledge of Python
>   and C will be required along with the ability to understand technical
>   documentation.
> </p>
> 
> <h4>Speed up Wget's Download Mechanism</h4>
> <p>
>   <b>Brief Explanation:</b> This project requires the student to implement two
>   different, but small features to GNU Wget which will eventually help in
>   reducing the time taken for recursive downloads in Wget. The two features
>   are:<br />
>   1. if-modified-since Headers: Currently, when a file already exists on disk,
>   Wget first sends a HTTP HEAD request and based on the response, sends a
>   second HTTP GET request to the server. By parsing the "if-modified-since"
>   header, this can be reduced to simply one GET request. A good starting point
>   for this is RFC 7232 section 3.3.
>   <br />
>   2. TCP Fast Open: RFC 7413 describes a mechanism to reduce the number of Round
>   Trips required to open a TCP Connection. This has been implemented in the
>   Linux Networking Stack and since a large number of web servers are hosted on
>   Linux systems, Wget may be able to get better performance during small file
>   transfers or on connections with a high Round Trip Time.
>   <br />
>   <br />
>   <b>Expected Results:</b> At the end of the project, we should have support
>   for the "if-modified-since" headers and TFO in Wget. Simultaneously, the
>   relevant server side extensions need to be made to the test suite and tests
>   written for the above features.
>   <br />
>   <br />
>   <b>Knowledge Prerequisites:</b> The student will have to be confortable
>   reading and understanding techinical documentation and implementing them
>   in C. A rudimentary knowledge of Python is desired but not mandatory.
> </p>
> 
> <h4>Improve Wget's Security</h4>
> <p>
>   <b>Brief Explanation:</b> This project deals with improving Wget's security.
>   It is composed of three smaller sub-projects which may act as milestones for
>   the student:<br />
>   1. HTTP Strict Transport Policy (HSTS): This HTTP Header extension is
>   described by RFC 6797. It is a way for the server to instruct the client to
>   use HTTPS for certain domains irrespective of what the use requested.
>   <br/>
>   2. HTTP Secure Cookie Management: RFC 6265 states that a server may mark a
>   cookie as "secure", in which case a User-Agent (UA) should send the cookie
>   back to the server <i>if and only if</i> the connection to the server is
>   over a secure transport. Currently, Wget ignores the secure cookie field
>   and always sends all cookies back to the server.
>   <br />
>   3. FTPS: FTPS is an extention of the FTP protocol over secure SSL/TLS
>   connections. Not to be confused with SFTP which is FTP-like protocol
>   over SSH2. Wget already implements FTP and SSL/TLS separately. This
>   project would require understanding how FTPS works and implementing the
>   required changes in Wget. A good starting point is RFC 2228 and RFC 4217.
>   <br />
>   <br />
>   <b>Expected Results:</b> By the end of the project, Wget should understand
>   the HSTS requests and follow the directives of the local HSTS database. It
>   should also obey the "secure" cookie parameter in HTTP responses. Finally,
>   we should be able to use Wget to download a file via FTP over a secure
>   connection. For HSTS and secure cookie management, the relevant test cases
>   are also expected.
>   <br />
>   <br />
>   <b>Knowledge Prerequisites:</b> A good understanding of C will be required
>   for this project since it deals with some of the deepest portions of Wget's
>   source code. Apart from that, some amount of Python will be helpful for
>   writing the test cases, but it is not mandatory.
> </p>
> 
> <p><strong>Contact:</strong> address@hidden (to subscribe, see the <a href="http://lists.gnu.org/mailman/listinfo/bug-wget">list-info page</a>).<br/>
>   <strong>Mentors:</strong> <a href="mailto:address@hidden">Giuseppe
>     Scrivano</a>, <a href="mailto:address@hidden">Darshit Shah</a>,
>     <a href="mailto:address@hidden">Tim Ruehsen</a>