[Freedombox-discuss] Identity UI

Jonathan Wilkes jancsika at yahoo.com
Mon Jun 25 04:14:20 UTC 2012 




----- Original Message -----
> From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> To: freedombox-discuss at lists.alioth.debian.org
> Cc: 
> Sent: Sunday, June 24, 2012 6:22 PM
> Subject: Re: [Freedombox-discuss] Identity UI
> 

[...]

>>  2) If your identity lives on your freedombox, then your house becomes
>>  very easy to find, so 100% of traffic over Tor becomes a requirement
>>  then, correct?
> 
> i'm not convinced that tor is a requirement, but it would be good to
> make clear that some form of traffic-anonymization or proxying might be
> desirable (and make it easy to do so).
> 
>>  3) If you're not at home, you still want to use your identity, so you
>>  need a usable way to contact your freedombox from anywhere. This means
>>  the freedombox needs to come with a DNS domain name, correct?
> 
> if you're already connecting with Tor, then a .onion address (a tor
> hidden service) combines a name with digested public key material
> (assuming i understand Tor correctly) that is routed through the tor
> network.
> 
>>  4) When you contact your freedombox from outside your home, you want
>>  to do so over https. This means the freedombox needs to come with an
>>  SSL certificate that's supported (without ugly warnings) by all major
>>  browsers, correct?
> 
> I'm not convinced this is possible, given the naming constraints and
> vulnerabilities imposed by the dominant CA cartel.  Are we willing to
> encourage/support the use of a plugin or extension for some of the major
> browsers?  That might be one way to address some of these warnings.
> 
>>  5) We cannot assume people have a static IP address pointing to their
>>  home, so we'll either have to run a dynamic DNS service, or a reverse
>>  proxy service like pagekite. Otherwise we will not have a way to route
>>  the domain name to the freedombox, correct?
> 
> This differs from #3 only in reference to the frequency of IP address
> changes; again, using a tor hidden service (a .onion address) seems to
> fix this concern.  There are probably other ways it could be addressed
> as well.

You say at the top that you're not convinced that Tor is a requirement for
the Freedombox, yet Tor solves all the problems addressed below that.

Anyway, how do you solve the "magic routing problem" without it?

-Jonathan

> 
>     --dkg
> 
> 
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>

More information about the Freedombox-discuss mailing list