At 21.21 03/10/02 +0100, you wrote: ...
>> Just this; is fproxy usable via SSL tunnel ? >>=20 >> This is probably trivial from a software point of view, but >> mandatory from an application security point of view. >>=20 >> If we are concerned about people using IE to browse Freenet with fproxy, >> we must have a bigger concern for people doing it using http and not >> https. >>=20 >> Maybe a good idea will be put the same kind of warning message when >> fproxy is used via http. >>=20 >> This is the only doubt I have; I'll not have time to check=20 >> this myself until next week. >Eh? People will run a node locally. If they don't run a permanent node >locally they have no security anyway. So what's the point of SSL? I was unable to well explain my point. Or maybe you was unable to understand it because, as most of freenetters, you are unfamiliar with a freenet *user* point of view Not all people that *need* Freenet use an unix computer hooked to xDSL. Not all people that need freenet have a computer at all; maybe they are on trip without portable or live in China. So they go in an Internet Cafe' take a seat, disable the browser cache and point https://bespin.homelinux.net:443 This is (er... was) a Freenet node that has an open fproxy and tunnel port 8888 thru an ssl tunnel on port 443. Now is an unprotected one on 8888; I'll explain why in a minute. They can browse of publish on freenet without disclosing content or keys to any sniffer; OK, to have a local node is better for privacy, but a public fproxy gateway to freenet is *far, far* better that nothing. Due to complex way the new fproxy rewrite the url, tunneling stop working one month ago; I tried every week a new build, but the 404 still had this problem. I'll be able to test 509 next week; i just suggest that, before the release of 0.5, this problem will be addressed, and optionally a warning message like that about Internet Explorer is added when people browse freenet using http AND are not on 127.0.0.1. JM2C. Marco -- * Marco A. Calamari [EMAIL PROTECTED] * il Progetto Freenet - segui il coniglio bianco the Freenet Project - follow the white rabbit _______________________________________________ devl mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/devl
