[Freedombox-discuss] Announcing Santiago Release Candidate 1

Markus Sabadello markus.sabadello at gmail.com
Tue May 15 15:58:31 UTC 2012

Fantastic, I'm currently at a p2p hackathon in Berlin, but I'll give it a
try with my 4 Guruplugs when I get home..

Project Danube: http://projectdanube.org
Personal Data Ecosystem Consortium: http://personaldataecosystem.org/

On Tue, May 15, 2012 at 4:35 PM, Nick M. Daly <nick.m.daly at gmail.com> wrote:

> Hi folks, I'm proud to announce the first release candidate (developer
> preview) of the Santiago service.  Santiago is designed to let users
> negotiate services without third party interference.  By sending OpenPGP
> signed and encrypted messages over HTTPS (or other protocols) between
> parties, I hope to reduce or even prevent MITM attacks.  Santiago can
> also use the Tor network as a proxy (with Python 2.7 or later), allowing
> this negotiation to happen very quietly.
> Santiago currently lives at:
>    https://github.com/nickdaly/plinth/tree/santiago
> Currently, it needs a *lot* of polish, but there's enough for a
> technical demonstration and basic use.  Try combining it with .onion
> addresses.
> Testing it out it takes a bit of setup:
> - This was all tested on Debian Stable, so I know it works on Python
>  2.6.  Other versions may work differently.
> - You need a PGP key.  You probably want to make a new password-less key
>  specifically for Santiago.
>  Santiago's running as a service, and you won't always be there to
>  enter the password when the gnupg-agent times out and locks the
>  keyring again.  At that point, Santiago will block while waiting for
>  (or fail without) the password.
> - You need [python-gnupg](http://code.google.com/p/python-gnupg).  Make
>  sure it's either in your PYTHONPATH, or edit the start.sh and test.sh
>  files so that it can be found.
> - You need a ``production.cfg`` or ``test.cfg`` file with contents like
>  the following:
>    [pgpprocessor]
>    keyid = (your 40-character key identifier)
> - You need an SSL certificate (the ``ssl-cert`` package is required).
>  Run the following as root, changing the group as necessary:
>    # make-ssl-cert generate-default-snakeoil
>    # make-ssl-cert /usr/share/ssl-cert/ssleay.cnf santiago.crt
>    # chgrp 1000 santiago.crt
>    # chmod g+r santiago.crt
>  See ``/usr/share/doc/apache2.2-common/README.Debian.gz`` for more
>  details.
> - Either set up a Tor listener on port 8118, or set the proxy port to
>  "None" or 80, if you're running Python 2.7 or later.
> - Run ``make`` once in the Plinth root directory to create the config
>  files you need.
> - Running ``bash start.sh`` in a console will set up a Santiago service
>  that communicates with itself.  You can see the Santiago service learn
>  about the "https://somestuff" location (it'll appear in the
>  "consuming" dictionary) if you navigate to:
>    https://localhost:8080/query?service=santiago&host=(your key ID)
>  It'll give you a warning about an untrusted certificate, but since
>  you just made that certificate, ignore the warning.
>  After you load the page, you won't see anything.  That's by design.
>  You'll need to watch the debug messages (look for one reading
>  "Success!") or Ctrl+C out of the server to drop into PDB where you can
>  examine the santiago.consuming dictionary.
> Technically, it works, but with a fair number of caveats:
> - Python doesn't currently verify the HTTPS certificates used.  We still
>  use the OpenPGP key for verification, but it'd be helpful.
> - It'd also be nice to munge the PGP key into the HTTPS certificate,
>  requiring only a single identity document to secure all the
>  communications.
> - It doesn't yet play well with others (you can't read the hosting and
>  consuming dictionaries from other processes very well).  Please let me
>  know your ideas for fixing this.
> - It needs better state storage and recovery.  Doing this well is my
>  highest priority right now (the blocker for the 0.2 release).
> - The current start methods appear to block, so new protocols might not
>  load when you expect them to.
> - It needs more tests, there are still a good number of behaviors that
>  work but aren't verified.
> - As you can see above, setup isn't easy.
> Future directions:
> - Request proxying: If Alice can't reach Bob, but they both can reach
>  Carl, Carl can pass the messages for them.
> - Not-braindead state storage and restoration.
> Please test it out and let me know your thoughts.  I'll make it easier
> to handle and use over the coming days and weeks, but I just wanted to
> get it out the door now that it has successfully integrated PGP.  If you
> have any changes you'd like to see, at all, please send me a patch or
> fork the repository.
> James, you can pull it now. :)
> Nick
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120515/dbd29f54/attachment.html>

More information about the Freedombox-discuss mailing list