[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Stormy - request for feedback

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Stormy - request for feedback
From: Fabio Pietrosanti - lists <lists@xxxxxxxxxxxxxxx>
Date: Thu, 20 Nov 2014 08:36:50 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 20 Nov 2014 02:37:09 -0500
In-reply-to: <53b1613508e29e8b1134885f4a4f8794@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <53b1613508e29e8b1134885f4a4f8794@xxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.2.0

On 11/17/14 10:33 AM, Griffin Boyce wrote:
>
> Q: Can I use this right now to set up a hidden service?
> A: Please don't use this in production until firewall settings are in
> place.
I would suggest to add a Tor2web policy that, looking at X-Tor2web: HTTP
header, enable or disable access to the Blog trough he internet:

You may also consider adding support for Ahmia directory index, by
publishing/announcing the blog to the Ahmia directory automatically with
a TorHS descriptor (GlobaLeaks do it):
https://ahmia.fi/documentation/descriptionProposal/

In the upcoming future, when Tor2web will support configurable policy
for caching and crawling, you may wish to "govern" how Tor2web should
behave within the respect to such TorHS:
https://github.com/globaleaks/Tor2web-3.0/issues/29

In such one-click-hidden-service probably some Tor2web concrete
improvements with some dedicated effort would be very useful (currently
it's volunteer / residual use of OTF/GlobaLeaks's funding for ongoing
small step improvements).

-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Stormy - request for feedback
  - From: Griffin Boyce

References:
- [tor-dev] Stormy - request for feedback
  - From: Griffin Boyce

Prev by Author: Re: [tor-dev] Hidden Service authorization UI
Next by Author: Re: [tor-dev] Potential projects for SponsorR (Hidden Services)
Previous by thread: Re: [tor-dev] Stormy - request for feedback
Next by thread: Re: [tor-dev] Stormy - request for feedback
Index(es):
- Author
- Thread