[cryptography] DeCryptocat

Fabio Pietrosanti (naif) lists at infosecurity.ch
Fri Jul 5 17:28:48 EDT 2013


Il 7/5/13 8:34 PM, Jacob Appelbaum ha scritto:
> "Module ngx_http_ssl_module supports the following built-in variables:
>
> "$ssl_cipher returns the cipher suite being used for the currently
> established SSL/TLS connection
>
> "$ssl_protocol returns the protocol of the currently established SSL/TLS
> connection — depending on the configuration and client available options
> it's one of SSLv2, SSLv3 or TLSv1
As a mid-term move for CryptoCat "server side" it would be nice to make 
it's own minimal and secure XMPP Server, to be installed without any 
configuration burden, be "secure by design" and not necessarily "by 
configuration"

Doing so, would facilitate the integration with Tor to easily let anyone 
startup it's own CryptoCat server (also on windows/macappstore), running 
over TorHS, making the architecture more distributed and SSL-free.

A nice set of technology to do it could be:
- Wokkel, XMPP Server based on Twisted http://wokkel.ik.nu/
- TxTorCon, to manage Tor process https://github.com/meejah/txtorcon
- Pyinstaller to make windows/macosx package http://www.pyinstaller.org/
- Cyclone, to make web interface to manage it easily 
https://github.com/fiorix/cyclone

-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org



More information about the cryptography mailing list