Hi!
On 21:00 Tue 18 Jan , Bjarni Rúnar Einarsson wrote:
> 2011/1/18 Michael Blizek <[email protected]>
> > What is particularly interesting is that running web sites can easily be
> > done
> > anonymously. However, this will put some strains on the front end
> > operaters.
> > But then the connection between the end user and the front end should
> > really
> > be encrypted.
> >
>
> Pagekite supports HTTPS, but it can only do it reliably for modern browsers
> which implement the SNI extension to TLS. This does not include most Windows
> XP users (Chrome is the only browser that works there AFAIK), so it'll be a
> few years before that is a seamless experience. However, if you are setting
> up a private site and want e2e encryption, asking your users to upgrade to
> Chrome may not be a huge burden. So this is possible today, with caveats.
End to end encryption between the user and the backend is not really the point
here. It does not really exist for tor either unless an application does it on
its own. The point is encryption between the front end and the back end. This
will prevent various attacks and would allow the connection between the back
end and the front end to safely go over TOR.
> The anonymity thing... well, front-end providers will have bandwidth costs
> so finding one that lets you anonymously connect for free may prove
> difficult, and once you pay, you usually aren't truly anonymous anymore due
> to the paper trail. But finding a provider that respects and protects your
> privacy to the extent allowed by law might not be too hard.
I do not thisk that this will be a big problem in particular. People provide
bandwidth for TOR as well without any money flowing. Server are quite cheap
today, but legal costs maybe are not always. Front end servers might be able
to finance with donations. If nothing else helps, there are still some ways to
send money anonymously, like snail mail.
-Michi
--
programing a layer 3+4 network protocol for mesh networks
see http://michaelblizek.twilightparadox.com
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
