[Freedombox-discuss] FreedomBox/Unhosted/PageKite for Access Innovation Prize 2012

Michiel de Jong michiel at unhosted.org
Sat Jul 7 13:25:54 UTC 2012


On Sat, Jul 7, 2012 at 2:47 PM, Michael Rauch <l15t at miranet.ch> wrote:
> - with PageKite, this probably leads to registering a domain name for a box.
> as this is how the regular web works, normal browser/http-client can access
> the page/service.

or subdomain, which saves money.

we could use per-box startssl certs instead of certs on the proxy, but
if the proxy is the apt server anyway then that does not really
increase security, and it's annoying that you have to renew them each
year.

> - with Tor HS, no need to register a domain. as long as you don't loose the
> private-key you keep the same .onion address. to access the page/service,
> you need a Tor-Browser, Tor-Proxy or go via tor2web though.

for mainstream users that would mean going via tor2web, so effectively
still a reverse proxy setup. also, the Tor-based setup is not
something we have working in production right now on normal Debian
PCs, so unlike the pagekite-based setup, it's not readily packageable

>
> as i understand the proposition, the focus is on allowing unhosted-apps
> (JavaScript in an ordinary webbrowser) to access the fbx.

yes, that would be one functionality, the other would be privoxy when
accessing the internet from within the box's wifi range.

> maybe an
> unhosted-app could try first the .onion address directly (which succeeds if
> a tor-proxy is used) and fallback on tor2web if necessary?

if you tell an unhosted web app that you want to connect your remote
storage on an onion address, then it will try to do cross-origin XHR
to that onion address, yes. it will go to whatever address you give
it.

i think the main point (for me, at least) is that we want to get a
2013 version out there now, that has functionality for a mainstream
user. It would then be updateable through apt as soon as we have more
better things working, and then the 2014 version can have full
FreedomBuddy-based onion routing.

my main open questions for the pagekite-based setup we're proposing
are if it makes sense to put ssl-certs on the boxes (i have a feeling
that it doesn't), and how we want to do the installation (i think the
best way is to connect it via ethernet to the existing ISP-supplied
router, and make it emit a wifi access point).



More information about the Freedombox-discuss mailing list