[Freedombox-discuss] Hosting public services (was: Re: Bootstrapping a Freedombox contact list)

Tim Retout diocles at debian.org
Wed Nov 27 22:49:50 UTC 2013

On Wed, 2013-11-27 at 09:23 +0100, Anders Jackson wrote:
> Sorry, my fault. I was thinking of IPSec,
> http://en.m.wikipedia.org/wiki/IPsec
> > I think IPv6 will eventually mean that everyone has static IP
> addresses
> > at home, but in the meantime not everyone can access IPv6-only
> services,
> > can they?  So do the transition mechanisms make it possible to run
> > services accessible by IPv4-only users?
> Do you need IPv4 access in to your machine? We would still have IPv4
> access through IPv4 NAT. If all Freedomboxes have IPv6, they have peer
> to peer access through encrypted connection. No need for fighting with
> NAT traversal through one or more NAT routers.

Ah, I see where you're going, but I think we may need more than this.
Eben Moglen's recent talks have persuaded me that privacy requires both
secrecy and anonymity:

Therefore, for the peer-to-peer element, I have come to believe that
governments should not able to see which other Freedomboxes you are
communicating with.  If we used IPSec, it would still be possible to
figure out who owned the addresses you were talking to.

Tor hidden services are easy to set up, they work even if the Freedombox
is behind a firewall, and they have the advantage that you keep the same
onion address even if your home IP is dynamic.  I envisage this
communication as happening mostly between the software on the boxes,
rather than directly from any user's browser, so the end user never has
to know that this is implemented on top of Tor.

(This use of Tor is always encrypted end-to-end, and there are no "exit
nodes" which can see your raw traffic.  This avoids all the potential
issues discussed on this list a few weeks ago with sending the user's
unencrypted HTTP traffic over Tor.)

Note that a connection from e.g. my own mobile phone to my Freedombox
does not have the same anonymity requirement.  GCHQ is going to know my
phone and my home are linked together, because my identity is already
associated with them both, and this is fine.  This connection could very
well use an IPSec VPN, if we could figure out how to make that work.

However, I also believe that in order to be at all useful, Freedomboxes
need to interoperate at some level with people who don't yet use
Freedomboxes.  So I still want to keep my same email address for now,
and hopefully my same XMPP address, etc.  To start with, I envisage that
we do not actually host these on the Freedombox, but intercept and
augment them (e.g. adding OpenPGP encryption to my email where

We can then start transparently re-routing mail I send to other
Freedombox users.  Deliver via their Tor hidden service address, rather
than over the open internet.

Later, if I want to, say, make my Freedombox's pump.io installation
available to the internet at large, we need a way for other people with
only IPv4 connections to see my site (ideally hosted on my own domain),
even though my home only has a dynamic IPv4 address.  This is where
tools like Pagekite come in, and I can't see how I'd achieve this with

Tim Retout <diocles at debian.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20131127/d25f4da8/attachment.sig>

More information about the Freedombox-discuss mailing list