[tor-dev] Deployability of Python software.

Fabio Pietrosanti (naif) lists at infosecurity.ch
Wed Mar 7 08:24:50 UTC 2012

On 3/3/12 12:58 AM, Arturo Filastò wrote:
> What do you think?

Additionally with the Awaf concept it would be possible to also have
Disaster Recovery for server applications, even running on windows PC
behind *DSL lines.

That's because if you make a copy of the TorHS key, the later one that
insert itself to the Directory Authority will be the "active one".
If we put into Awaf also an easy way to make data-replication among
different Awaf applications, it would be also very easy to make disaster
recovery and strong resiliency of data.

So two activists for example would be able to have a redundant,
anonymous, 0-maintenance, easy-to-be-setup web application server.

If you also consider the power of an Awaf based application when
thinking about the future diffusion and stabilization of Tor2web, then
things became even more challenging and interesting.

Anyone will be able to setup an anonymous web-server on the internet
with a couple of click on his own desktop computer (think about blog,
chat, webserver, email server, file exchange server, obviously
whistleblowing server, etc, etc).

If we create such a framework we would be able to "hide" the system
integration complexity that a general python web developer would need to
face in order to:
- Integrate different server software together (Tor, Tornadoweb, etc)
- Handle inbound/outbound anonymous connection
- Make cross-platform build-system
- Secure what can be secured (jailing, sandboxing, etc)
- Making it "easy" for end-user to deploy

There's a lot of complexity in doing that.

If we do it properly once, then web developers would be able to create a
new ecosystems of web application running inside the Tor network and
this could boost the use of Tor Hidden Service and Tor2web.

Inshalla it will be something very cool!


More information about the tor-dev mailing list