[tor-dev] [OONI] Designing the OONI Backend (OONIB). RESTful API vs rsynch

Ondrej Mikle ondrej.mikle at gmail.com
Wed Jul 18 23:20:59 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/17/2012 10:08 PM, Isis wrote:
> On Mon 16 Jul 2012 at 02:15, thus spake Ondrej Mikle:
>> On 07/15/2012 02:56 PM, Arturo Filastò wrote:
>>> 
>>> # What properties we would like it to have note: these are not
>>> ordered. * Efficient even over high latency networks. * Ease of
>>> integration for third party developers. * Expandable to support
>>> requirements of new tests we develop. * Anonymous * Secure
> 
>> Even though you will probably not end up using this, it may be a good
>> idea to know that it exists:
> 
>> ZeroC Ice - http://www.zeroc.com/ice.html
[...]
> 
> Oh man. It's not Twisted, that's for sure. :)
> 
> Though, it seems that much of Ice is redundant if we are already packaging 
> Twisted. Perhaps we could use their code as reference, and just write out
> the methods we need in Twisted to avoid the extra dependency?

If you are packaging/using Twisted, then yes, Ice is redundant (unless someone
planned to differentiate "signaling" from "data" protocol, for example).

>> It can optionally use TLS, interface definition for RPC and structures
>> is written only once (each language binding then loads it and maps it to
>> native object of its own as "usual" method calls or attributes).
> 
>> Advanced features include asynchronous calls, at-most-once semantics (it
>> can retry RPC call for methods that are marked "idempotent", i.e. whose
>> multiple invocation is same as one invocation), persistence via Ice
>> Freeze (might work for the file storage, not sure how big are your files,
>> internally it's implemented on top of BerkeleyDB), forward/backward
>> compatibility among versions of your API (up to a limit)...
> 
> Becoming more convinced. Do you know off the top of your head which
> protocol it uses? HTTP also, I would assume?

At low-level, it has its own protocol, it's not HTTP (it actually won't work
over HTTP).

> Side note: What are we going to do for countries which block/monitor/MITM
> SSL connections? If I'm not mistaken, hasn't it been the case that these
> places have still allowed ssh? Should we have some sort of append-only
> scp-like fallback? Does Ice have that?

Unfortunately, there's no fallback in Ice for that (its firewall-evading also
uses SSL/TLS which is not useful here). Maybe I misunderstood Arturo's
requirement that said TLS or TorHS was considered for encrypted/authenticated
transport.

Ondrej
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQEcBAEBAgAGBQJQB0TbAAoJEAy6xNgMZCEgyVUIAKpcZjXVqaxDFmtyYUlyonv8
snXCsW0IX93ywpP63SIpleTPAl3Yp4T7Ng6wZKjpMJ/N2xEo7o5GGHl9Z2YVnUyY
Kgp6/FZPkHZv0PmDSVKANleJPTP+CR4LemkcezLiMnpSQ7kv7mIXpVsKbgTJ9B5L
AFa/mWj/YCAJT8I108pteCLZDFEaDEdciM5Bl4Kp6hoiiouyDPRjF2/fC/YWVTfL
DBmo6m8Wq3ZemlLW3At5dvYOct9gQgYyZgq8DWXVFzKx0JzfQ1rXoO4ovZFoLh7D
fnVtjjSaWMOHhscdIS4zx5x9Q4J4QQtwyK0pKBnZwq6DF1J2FPuMxg/jP4v+UrE=
=31rD
-----END PGP SIGNATURE-----


More information about the tor-dev mailing list