# Contributing Guidelines Please read this document in full before contributing. - [Rules](#rules) - [Quality over Quantity](#quality-over-quantity) - [Software Criteria](#software-criteria) - [Main (All Software)](#main) - [Providers](#providers) - [DNS](#dns) - [VPN](#vpn) - [Email](#email) - [Hardware](#hardware) - [Software](#software) - [Encryption](#encryption) - [Operating Systems](#operating-systems) - [Images](#images) - [Licensing](#licensing) - [Contributing via email](#contributing-via-email) ## Rules - Be nice and respectful. - Be constructive. ## Quality over Quantity We're trying to keep it simple and promote the best tools, not all of them. Something meeting the below criteria ***does not automatically qualify it to be included on the site!*** ## Software Criteria ### Primary Requirements - Privacy respecting (duh!). ### Primary Recommendations - Open Source / Free Software. - Prioritize Products without Vendor Lock-in (decentralized/self-hostable) or data interoperability. - Cross-platform / Accessible. - Easy to use. Could your mother use that tool or service? Usability is most important. If no software exists in a certain category that meets *all* these criteria, exceptions can be made on a case-by-case basis. ### Service Provider Information - Products and services listed as "Providers" SHOULD be prioritized primarily based on their jurisdiction (i.e. how privacy-respecting the laws of their home country are). ### DNS Provider Requirements - MUST support DoH or DoT (DNSCrypt is great too, but there is already https://github.com/DNSCrypt/dnscrypt-resolvers which is directly supported by dnscrypt-proxy, so we don't consider it useful to list providers exclusively supporting it). - MUST support DNSSEC (https://dnssec.vs.uni-due.de/ can test your current DNS provider). - MUST NOT log IP addresses during normal operation (If your suggested provider *ever* logs, please compare its privacy policy with other servers on our table that keep logs). - SHOULD support QNAME minimization (if you have access to the dig command, `dig +short txt qnamemintest.internet.nl` or `Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl` if you are on Windows 10). ### VPN See https://privacyguides.org/providers/vpn/#criteria for full details, the following is an incomplete summary. - MUST NOT be based in USA or UK. - MUST be accessible via Open Source Software (e.g. OpenVPN, WireGuard). - MUST Use Strong Encryption. - SHOULD Accept Cryptocurrency. - MUST have a no logging policy. ### Email See https://privacyguides.org/providers/email/#criteria for full details, the following is an incomplete summary. - MUST Support SMTP SSL. - SHOULD be accessible with standard/FOSS software (e.g. allows IMAP). ### Hardware - SHOULD be [H-Node Class A](https://h-node.org/wiki/page/en/compatibility-classes) or equivalent (if applicable) - SHOULD prioritize hardware certifications like [RYF](https://ryf.fsf.org/), [OSHWA](https://certification.oshwa.org/), and OSI when available. - SHOULD NOT lock users to a particular platform. ### Software - MUST be able to download over encrypted network (can be a mirror). - SHOULD be Free and Open Source Software. ### Encryption - Only verifiable encryption is to be trusted ### Operating Systems - Must state if recommends, depends on, or offers non-free software (contrib) - No Tracking Policy (opt-in analytics is ok) ## Images - SVG file format is strongly preferred. PNG files can be used as a fallback if images are too complex or otherwise unsuitable as a vector format. - Provider logo dimensions are 384px x 128px ([example](/assets/img/legacy_svg/3rd-party/mullvad.svg)) - Tool logo dimensions are 128px x 128px ([SVG example](/assets/img/leagcy_svg/3rd-party/firefox_browser.svg), [PNG example](/assets/img/legacy_png/3rd-party/claws_mail.png))