On 06/07/2011 01:28 PM, Andrew Lewman wrote:
On Tue, 7 Jun 2011 21:08:48 +0100 "Runa A. Sandvik" runa.sandvik@gmail.com wrote:
Vidalia is not designed to control or configure a Tor process that it did not start.
I have tested this, and it works just fine. The question is; are we happy with something that works, even if it's being used in a way that it was not designed for?
Vidalia was designed to do this from the start, which is why it uses tcp/ip instead of some ephermeral file descriptor locally. The connection between their vidalia and the tor process is in plaintext. That should be the concern.
Yes, it should be SSL/TLS, as I've previously suggested, if we're going to use that as the controller.
I still think that a web interface isn't that big of a deal if we're just shipping Debian...
We just need to get a list of requirements and them hammer it out.
(Though it might be neat to add a basic webserver to Tor itself. Libevent can do this but it doesn't have any concept of a CGI as far as I've seen..)
All the best, Jake