Hi Sajolida and list, Sorry for the delay in response, I really took interest in your responses and start getting deeper in the project and wanted to reply to you with more work done. I created a github page about it and wanted to have everything more clear before taking your time. Finally it took too long, sorry for not saying a word. Ok, after that explaination I first response to design questions you asked (thanks!) and at the end I would like to share some questions:
1. Group communication with outside? NO intended. Nice ideas about not using a public mail service, but: - private email server on Tor hidden service: this implies someone to mantain it and (i believe) it breaks de easy to use goal. Keeping all acounts in riseup and using gpg should be secure enough I think. - using other protocol: more exactly? someting p2p? I'm not sure of it being appropiate for the classic use case of connect for not too much time in Tails (at least that's the way people I know use to work with it). 2. Member exclusion cases: As far as there is no group chat configured (see below) it shouldn't be a problem. About how to treat cases: - lost of interest: should be strange case, and no security issue. Members should not send more mails to this person. - raided by cops: for best security this should mean end of the group infrastructure as soon as possible and arrangement of a meeting to create new accounts and keys. Exclusion won't be a solution i think. Not sure what other hints we can offer in this case. 3. Group otr substitute: - As far as we don't want to trust providers (encryption must be done locally in all cases) configuring private irc in riseup keeps outside this project. At least at first moment as a Feature. Personally think most coordination and communication work can be done asyncrhonous and we shoudn't get in risk for this realtime obsession ;) .. besides I love chat too. 4. Icedove vs Claws: Ok, Take your advice and configure Icedove. Must say Icedove address book it's a pain to configure. See wiki for more info on it. 5. Account creation: ok on your advice of how to do it, I decided to add a riseup account create helper to show this process. 6. Possible Role of group creator and passphrase creation. Totally agree, memebers must meet in person and type passphrase without others seeing. If by some means someone must delegate trust on others it must be at their own risk and shouldn't be featured nor offered. --------------------------- Ok, after this. How it's project now. Created github page, also a scheme attached in this mail (not complete). By the moment at github page not code just wiki with investigation. https://github.com/noidcc/tails-group-installer/wiki[1] There you can also find use case, threat model, goals and non goals and a list of pages that show how it could be implemented. It's not complete but i prefer show it as it is and stop delaying sharing work and questions that I'm stuck at it: https://github.com/noidcc/tails-group-installer/wiki/Questions[2] So, If you have enough time please start by reading the implmentation proposal's if not and you can help in resolving some of the questions will be as much apreciated! Thanks for all and sorry again for the big delay, more direct comunication from now on. pd. Not sure if this is the best way to work on this (looong mail + github wiki) salute! El Lunes, 4 de mayo de 2015 13:15:18 usted escribió: > sajolida: > > noid: > >> I really appreciate the work you're doing and know Tails development has > >> priorities, I'm not asking for you to change them and and I'm open to > >> reconsider my project if some of the work that must be done fits my > >> knowledge and my university work requirements. > > > > That's another option but it's hard to tell without knowing in more > > details what are you skills, how much time you will be able to dedicate > > to your project, and what kind of project fits in this scope. I also > > think that your project as you describe it is very ambitious and if you > > want to downsize it a bit we might be able to find other tasks in our > > roadmap for you. > > We haven't heard back from you since then... Still, I wanted to add that > if you end up thinking that this project is too ambitious for your > skills or for the time that you can allocate to it. I'm sure that you > can work on tiny bit of the Tails Server project that could still be > already helpful on the short term. > > For example you could work on making it easier to start different kind > of services on Tails (Gobby, XMPP, HTTP). Some of us have started > documenting how to do an HTTP server. > > See https://labs.riseup.net/code/issues/7879 > > But you could go further and explore their preseeding through debconf. > > You could also work on having a screen locker for Tails (which could be > a requirement for the server edition). > > See https://labs.riseup.net/code/issues/5684 -------- [1] https://github.com/noidcc/tails-group-installer/wiki [2] https://github.com/noidcc/tails-group-installer/wiki/Questions
group-installer.fodg
Description: application/vnd.oasis.opendocument.graphics-flat-xml
_______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
