[tor-dev] [OONI] Designing the OONI Backend (OONIB). RESTful API vs rsynch

Wed Jul 18 23:20:59 UTC 2012

On 07/17/2012 10:08 PM, Isis wrote:
> On Mon 16 Jul 2012 at 02:15, thus spake Ondrej Mikle:
>> On 07/15/2012 02:56 PM, Arturo Filastò wrote:
>>> # What properties we would like it to have
>>> note: these are not ordered.
>>> * Efficient even over high latency networks.
>>> * Ease of integration for third party developers.
>>> * Expandable to support requirements of new tests we develop.
>>> * Anonymous
>>> * Secure
>> Even though you will probably not end up using this, it may be a good
>> idea to know that it exists:
>> ZeroC Ice - http://www.zeroc.com/ice.html
> Oh man. It's not Twisted, that's for sure. :)
> Though, it seems that much of Ice is redundant if we are already packaging 
> Twisted. Perhaps we could use their code as reference, and just write out
> the methods we need in Twisted to avoid the extra dependency?

If you are packaging/using Twisted, then yes, Ice is redundant (unless someone
planned to differentiate "signaling" from "data" protocol, for example).

>> It can optionally use TLS, interface definition for RPC and structures
>> is written only once (each language binding then loads it and maps it to
>> native object of its own as "usual" method calls or attributes).
>> Advanced features include asynchronous calls, at-most-once semantics (it
>> can retry an RPC call for methods that are marked "idempotent", i.e. whose
>> multiple invocation is the same as one invocation), persistence via Ice
>> Freeze (might work for the file storage, not sure how big your files are,
>> internally it's implemented on top of BerkeleyDB), forward/backward
>> compatibility among versions of your API (up to a limit)...
> Becoming more convinced. Do you know off the top of your head which
> protocol it uses? HTTP also, I would assume?

At low-level, it has its own protocol, it's not HTTP (it actually won't work
over HTTP).

> Side note: What are we going to do for countries which block/monitor/MITM
> SSL connections? If I'm not mistaken, hasn't it been the case that these
> places have still allowed ssh? Should we have some sort of append-only
> scp-like fallback? Does Ice have that?

Unfortunately, there's no fallback in Ice for that (its firewall-evading also
uses SSL/TLS which is not useful here). Maybe I misunderstood Arturo's
requirement that said TLS or TorHS was considered for encrypted/authenticated

