[tor-dev] Stormy - request for feedback
Fabio Pietrosanti - lists
lists at infosecurity.ch
Thu Nov 20 07:36:50 UTC 2014
On 11/17/14 10:33 AM, Griffin Boyce wrote:
>
> Q: Can I use this right now to set up a hidden service?
> A: Please don't use this in production until firewall settings are in
> place.
I would suggest to add a Tor2web policy that, looking at X-Tor2web: HTTP
header, enable or disable access to the Blog trough he internet:
You may also consider adding support for Ahmia directory index, by
publishing/announcing the blog to the Ahmia directory automatically with
a TorHS descriptor (GlobaLeaks do it):
https://ahmia.fi/documentation/descriptionProposal/
In the upcoming future, when Tor2web will support configurable policy
for caching and crawling, you may wish to "govern" how Tor2web should
behave within the respect to such TorHS:
https://github.com/globaleaks/Tor2web-3.0/issues/29
In such one-click-hidden-service probably some Tor2web concrete
improvements with some dedicated effort would be very useful (currently
it's volunteer / residual use of OTF/GlobaLeaks's funding for ongoing
small step improvements).
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi
More information about the tor-dev
mailing list