i hadn't thought of the option of using .onion URLs! that's a supercool solution to all 5 points, indeed.
I'm also not doing any of the actual coding, and also definitely don't want to tell anyone else what they should work on, but i trust that everybody reading this will simply ignore me where appropriate. :)

so i guess, continuing the assumption that we want to use asymmetric key pairs for identity, there are several things we need, and for those there are basically two solution paths: Tor, or reverse proxy + ssl.

Pros of Tor:
- it is the only (or at least the most mature) option we know of to not inadvertently disclose your geographical position. Since freedombox is for a large part about privacy-by-design, that seems to be a strong argument
- if freedombox has Tor on it, and a significant number of boxes get sold and deployed, then freedombox is helping Tor (Tor only works well if there are a lot of nodes), which i think is in itself good.
- compared with the reverse proxy + ssl cert solution, it's more decentralized.

Cons of Tor:
- it might be too resource-heavy to run on some of the hardware (so may make the default model more expensive)
- some people may consider running a Tor node illegal, and even if it's not illegal, you will probably have to be prepared to deal with take-down notices from your ISP. Of course, as more people run Tor nodes, this burden is shared among more people, so putting it into Freedombox would actually help to solve this problem.
- Tor is a powerful tool, and every tool can be a weapon. I think its merit as a tool outweighs its power as a weapon, but even so, i wouldn't want to force other people to run a Tor node without properly knowing what it is. Everybody has a right to understand (explained in layman's terms, if necessary) what software is running on the hardware they own.
So if we put Tor into freedombox, we should IMHO add some documentation that explains "your freedombox will make your internet connection into a channel of free speech for others, and may help activists in suppressed regimes speak their mind without being prosecuted." So i would word it positively, but at least not make a secret of how powerful the installed software of freedombox is. Simply as a consumer's right (please don't flame me for this one). :)
- compared with the reverse proxy + ssl cert solution, onion URLs are not easy to remember. i think we could find ways to make it work though, probably. people found ways to work with mobile phone numbers, for instance, which are also not very human-memorable in themselves.

to bring this back to the original topic:
- if we use Tor, then your identity is uniquely identified by either the key pair itself, or by an onion URL where the public key is hosted.
- if we use reverse proxy + ssl, then your identity is uniquely identified by either the key pair itself, or a domain name on which the public key is hosted.

I think this influences the UI of identity. In particular, if we make people learn their onion URL or DNS URL, then it's unnecessary to make them also learn their key pair. We can then hide the key pairs behind that onion or DNS URL, and remove complexity from the UI that way.

cheers,
Michiel
