[Freedombox-discuss] Identity UI

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Jun 24 22:22:00 UTC 2012

Thanks for breaking this out into specific points, Michiel.  I think
that is a good way to try to get a handle on the constraints we're
looking at.

On 06/24/2012 04:43 AM, Michiel de Jong wrote:
> 1) If there are no key pairs associated to an addressbook entry, then
> you cannot communicate with that person. This means we need some sort
> of friend requests in the UI, correct?

I'm not sure friend request is the right model.  It's worth breaking
this out into two or three use cases:

 a) public directory lookup (e.g. phone book, public keyservers)

 b) indirect private lookup -- that is, if any of my contacts have
themselves published a list of contacts they know (and their associated
public keys), survey those lists.

 c) send introduction -- send Alice the contact information (and public
keys) for Bob (and/or vice versa).

> 2) If your identity lives on your freedombox, then your house becomes
> very easy to find, so 100% of traffic over Tor becomes a requirement
> then, correct?

I'm not convinced that Tor is a requirement, but it would be good to
make clear that some form of traffic-anonymization or proxying might be
desirable (and make it easy to do so).

> 3) If you're not at home, you still want to use your identity, so you
> need a usable way to contact your freedombox from anywhere. This means
> the freedombox needs to come with a DNS domain name, correct?

If you're already connecting with Tor, then a .onion address (a Tor
hidden service) combines a name with digested public key material
(assuming I understand Tor correctly) that is routed through the Tor

> 4) When you contact your freedombox from outside your home, you want
> to do so over https. This means the freedombox needs to come with an
> SSL certificate that's supported (without ugly warnings) by all major
> browsers, correct?

I'm not convinced this is possible, given the naming constraints and
vulnerabilities imposed by the dominant CA cartel.  Are we willing to
encourage/support the use of a plugin or extension for some of the major
browsers?  That might be one way to address some of these warnings.

> 5) We cannot assume people have a static IP address pointing to their
> home, so we'll either have to run a dynamic DNS service, or a reverse
> proxy service like pagekite. Otherwise we will not have a way to route
> the domain name to the freedombox, correct?

This differs from #3 only in reference to the frequency of IP address
changes; again, using a Tor hidden service (a .onion address) seems to
fix this concern.  There are probably other ways it could be addressed
as well.
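
Added example (not part of the original message, and not Tor's own code): how a .onion name is derived from a service's public key, which is why the name needs neither DNS nor a CA to bind it to a key. The v2 form in use in 2012 is a truncated SHA-1 digest of the RSA key; the later v3 form, which postdates this message, embeds the whole Ed25519 key plus a checksum. Function names and the sample key bytes are constructed for illustration.

```python
import base64
import hashlib

V3_VERSION = b"\x03"

def onion_v2(der_rsa_pubkey: bytes) -> str:
    """Legacy v2 name: first 80 bits of SHA-1 over the DER-encoded RSA key."""
    digest = hashlib.sha1(der_rsa_pubkey).digest()[:10]
    return base64.b32encode(digest).decode().lower() + ".onion"

def _v3_checksum(pubkey: bytes) -> bytes:
    # SHA3-256(".onion checksum" || pubkey || version), truncated to 2 bytes
    return hashlib.sha3_256(b".onion checksum" + pubkey + V3_VERSION).digest()[:2]

def onion_v3(ed25519_pubkey: bytes) -> str:
    """v3 name: base32(pubkey || checksum || version); the key is in the name."""
    if len(ed25519_pubkey) != 32:
        raise ValueError("Ed25519 public keys are 32 bytes")
    raw = ed25519_pubkey + _v3_checksum(ed25519_pubkey) + V3_VERSION
    return base64.b32encode(raw).decode().lower() + ".onion"

def key_from_onion_v3(address: str) -> bytes:
    """Recover the public key from a v3 name, rejecting typos and other versions."""
    label, _, tld = address.lower().rpartition(".")
    if tld != "onion" or len(label) != 56:
        raise ValueError("not a v3 onion address")
    raw = base64.b32decode(label.upper())
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != V3_VERSION or checksum != _v3_checksum(pubkey):
        raise ValueError("bad version or checksum")
    return pubkey

def name_matches_key(address: str, presented_key: bytes) -> bool:
    """True only if the key a peer presents is the one the name commits to."""
    try:
        return key_from_onion_v3(address) == presented_key
    except ValueError:
        return False

# Constructed stand-in key bytes (not real keys), so this runs offline.
SAMPLE_RSA_DER = b"constructed stand-in for a DER-encoded RSA public key"
SAMPLE_ED25519 = bytes(range(32))

if __name__ == "__main__":
    print(onion_v2(SAMPLE_RSA_DER))
    addr = onion_v3(SAMPLE_ED25519)
    print(addr, name_matches_key(addr, SAMPLE_ED25519))
```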

