On 10 July 2012 14:05, Bjarni Rúnar Einarsson <[email protected]> wrote:
> On Tue, Jul 10, 2012 at 11:56 AM, Melvin Carvalho > <[email protected]> wrote: > > On 10 July 2012 13:44, Michiel de Jong <[email protected]> wrote: > > > > Sorry for being a bit slow, I'm trying to understand the pagekite > proposal > > better. > > Please don't call it a "pagekite proposal". The initiative came from > Markus and Michiel, and pagekite is only a (potential) part of it. > Got it, thanks. > > > Is it based on a user's own certificate, or some other certificate, or a > > proxy? > > Are you asking for a description of how PageKite works? The > ultra-short summary is that PageKite defines a protocol and software > which lets a web server "connect to" or become "part of" the web, > even if it doesn't have a public IP. It does so using an encrypted > tunnel to a specialized reverse proxy. The reverse proxy can do > helpful things such as terminate incoming SSL connections with a > wild-card certificate, before re-encrypting the traffic that travels > over the tunnel. Alternately, PageKite can also proxy end-to-end > HTTPS traffic which is more secure (the relay cannot see or modify the > traffic stream) but harder to set up (the origin web server needs its > own domain and certificiate). > Thanks for the explanation. In practical terms, where, typically would/could this reverse proxy run? One of the fundamental motivations for freedombox is for a user to keep their own logs. Therefore, if I've understood correctly, trust in the reverse proxy would need to be paramount? > > -- > Bjarni R. Einarsson > Founder, lead developer of PageKite. > > Make localhost servers visible to the world: https://pagekite.net/ >
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
