This page describes the components the system will require.
Contents
User Agent
Tor-Enabled Browser
Non-Tor-Enabled Browser
FBX-UA App
TODO Create Client Application to Connect to Box Services via Client Cert
Key/Identity Exchange
Used to introduce users to one another.
caff
FBX-Identity App
TODO Create Client Application to Manage Key Exchange via Mutual QR-Code
This should be a FBuddy instance that can exercise sensors usually found on mobile-devices for data exchange.
Connectivity
Wireless
TODO Refuse Non-Tor Wireless HTTP Connections
Tor-based connections pass through to destination. Non-Tor connections are stopped by a landing page that teaches the user where to download the TBB (perhaps hosted locally?).
Firewall
Web Server
Apache
TODO Switch FreedomBox site from mod_ssl to mod_gnutls
TODO Add monkeysphere and msva-perl as dependencies for freedombox-setup
TODO Add Apache environment variable for Monkeysphere
TODO Add custom TLS configuration
Authentication (Identification)
msva
TODO Install systemd service file
TODO Create user wwwmsva
mod_auth_env
TODO Package mod_auth_env for Debian
TODO Identify (Authenticate) Users from Client Certs
TODO Get User Id from Client Cert Id
Authorization
LDAP
TODO Authorize Users from Client Cert Identity
TODO Middleware to Reject Requests that fail Authorization?
Services
Plinth
TODO Manage User's Service Authorization
Enable services for some specific users and not others.
Ikiwiki
TODO Switch authorization from LDAP to Env
OwnCloud
FreedomBuddy
TODO Teach Boxes to Exchange Service Location Data Regularly
Hello
TODO Create PGP Keys for End-Users
TODO Export PGP Keys to SSL Client Certs for End Users