On 3/3/12 12:58 AM, Arturo Filastò wrote:
What do you think?
Additionally with the Awaf concept it would be possible to also have Disaster Recovery for server applications, even running on windows PC behind *DSL lines.
That's because if you make a copy of the TorHS key, the later one that insert itself to the Directory Authority will be the "active one". If we put into Awaf also an easy way to make data-replication among different Awaf applications, it would be also very easy to make disaster recovery and strong resiliency of data.
So two activists for example would be able to have a redundant, anonymous, 0-maintenance, easy-to-be-setup web application server.
If you also consider the power of an Awaf based application when thinking about the future diffusion and stabilization of Tor2web, then things became even more challenging and interesting.
Anyone will be able to setup an anonymous web-server on the internet with a couple of click on his own desktop computer (think about blog, chat, webserver, email server, file exchange server, obviously whistleblowing server, etc, etc).
If we create such a framework we would be able to "hide" the system integration complexity that a general python web developer would need to face in order to: - Integrate different server software together (Tor, Tornadoweb, etc) - Handle inbound/outbound anonymous connection - Make cross-platform build-system - Secure what can be secured (jailing, sandboxing, etc) - Making it "easy" for end-user to deploy
There's a lot of complexity in doing that.
If we do it properly once, then web developers would be able to create a new ecosystems of web application running inside the Tor network and this could boost the use of Tor Hidden Service and Tor2web.
Inshalla it will be something very cool!
-naif