[GNUnet-SVN] r1607 - GNUnet-docs/WWW

[durner]

Author: durner
Date: 2005-08-05 13:08:47 -0700 (Fri, 05 Aug 2005)
New Revision: 1607

Added:
   GNUnet-docs/WWW/freeservice.php3
Log:
Import

Added: GNUnet-docs/WWW/freeservice.php3
===================================================================
--- GNUnet-docs/WWW/freeservice.php3    2005-08-05 19:44:22 UTC (rev 1606)
+++ GNUnet-docs/WWW/freeservice.php3    2005-08-05 20:08:47 UTC (rev 1607)
@@ -0,0 +1,96 @@
+<?php
+include("scripts.php3");
+$title = "FreeServices - tunneling everything over GNUnet";
+$description = "FreeServices - tunneling everything over GNUnet";
+include("html_header.php3");
+
+H1("Introduction");
+BP();
+W("At the moment, GNUnet implements two applications: file-sharing and 
broadcast chat.");
+W("Most of the existing and well-known Internet services can transmit data 
through GNUnet and thus establish anonymous connections between publishers and 
receivers.");
+W("This concept proposes "GNUnet FreeServices" as an application-independent 
solution without the need to modify existing protocols and software.");
+EP();
+H2("Status of this document");
+BP();
+W("This document is currently an early request for comments."); W("Important 
details may be added, changed or left out in the final implementation.");
+EP();
+
+H1("Setting up a FreeService");
+BP();
+W("Every Internet service that is to be published through GNUnet has to be 
defined in a central configuration file that is stored on the computer that 
runs gnunetd:");
+EP();
+PRE("[My homepage]<br />host=localhost<br />port=8080
+[Google]<br />host=www.google.de<br />port=80
+[My mailboxes]<br />host=localhost<br />port=25");
+BP();
+W("In this example, a FreeService called "My Homepage" (actually a 
\"Freesite\") is defined."); W("The webserver (perhaps Apache) serving it runs 
locally on port 8080.");
+W("Because Google is known to censor search hits in certain countries, we (who 
are living in a free country) also relay anonymous traffic to them.");
+W("Finally, we accept anonymous mail destined to us."); W("Our mailserver 
(perhaps Sendmail or qmail) runs at port 25 and accepts mail for our anonymous 
domain (see below).");
+EP();
+BP();
+W("For every FreeService, a RSA key is generated. The hash of the Public Key 
is used as an unique identifier just like a domain name (FQDN).");
+W("The private key is used to digitally sign responses to proof 
authenticity.");
+EP();
+H1(Server side);
+BP();
+BOL();
+LI("An encrypted request for a FreeService is received as usual (port 2086)");
+LI("The request gets decrypted by the core of gnunetd and is forwarded to the 
FreeService module (just like FS or Chat messages).");
+LI("The FreeService module connects to the destination as defined in the 
configuration file (webserver at port 8080, for example), forwards the request 
(<i>HTTP GET</i>, for example) and forwards the response to the core of 
gnunetd, that in turn sends it to the requester through the GNUnet network.");
+EOL();
+intlink_("freeservice-server.png", "[Picture]")
+EP();
+
+H1("Client side");
+BP();
+W("Client connections are always routed through a special GNUnet SOCKSv5 proxy 
to the GNUnet server that makes the requested FreeService available.");
+W("This SOCKS proxy accepts TCP-stlye requests and forwards it to the local 
GNUnet server (its FreeService module to be precisely) which forwards the 
request to the GNUnet server homing the FreeService.");
+W("Depending on the application/protocol, an application proxy has to be put 
in front of the SOCKS proxy."); W("This is recommended in case the protocol 
compromises anonymity (anonymizing HTTP proxy).");
+intlink_("freeservice-client.png", "[Picture]")
+EP();
+
+H1("Addresses and Hyperlinks");
+BP();
+W("As described above, every FreeService is identified by the hash of its 
Public-Key.");
+W("Therefore, it can be used to construct an URI.");
+W("Example:");
+PRE("&nbsp;&nbsp;http://D9HF28EPQ403TSJH8333UIFG85JDM56.gnunet/index.html";);
+EP();
+
+H2("Aliases");
+BP();
+W("Because such a URI is hard to remember, the SOCKS proxy maintains a 
database of alternative names.");
+W("In that way, an alias "mysite" could be defined for the hash above:");
+PRE("&nbsp;&nbsp;http://mysite.gnunet/index.html";);
+EP();
+BP();
+W("Because there's no way to set up a central registry for such names (as 
denic.de for German domain names), they are only stored for local use.");
+EP();
+
+H1("Usage");
+H2("HTTP");
+BP();
+W("To request content from .gnunet-Sites, a browser has to be configured to 
forward <b>all</b> requests to the GNUnet SOCKS proxy.");
+W("The proxy server checks the domain name for the postfix ".gnunet" and 
forwards these requests to the GNUnet server.");
+W("Requests besides the TLD ".gnunet" are treated as normal requests and are 
forwarded to either the destination server or a final HTTP proxy server (yours 
or your provider's).");
+EP();
+
+H3("Links to non-anonymous content");
+BP();
+W("A freesite may embed or link to pictures or other content.");
+W("In case this is not done through the .gnunet-Address, but the usual address 
(http://www.mysite.com/title.jpg, for example), the requester looses anonymity 
when requesting the content: the request does not get routed through GNUnet, 
but a normal - maybe not encrypted - direct connection to the destination 
server.");
+W("To circumvent this, an additional proxy server has to be added in front of 
the SOCKS proxy."); W("This proxy checks every "normal" request whether it is 
the result of a link on an anonymous page (through the HTTP header 
"Referrer").");
+W("In this case, a warning message is returned first.");
+EP();
+
+H2("Mail");
+BP();
+W("Mailaddresses look like those presented above. Mail is sent to %s or %s.",
+       PRE("&nbsp;&nbsp;address@hidden"),
+       PRE("&nbsp;&nbsp;address@hidden"));
+W("To accept these addresses, the mailreader has to be configured to forward 
all mail to the GNUnet SOCKS proxy."); W("It checks for the TLD \".gnunet\" and 
sends the mail through GNUnet if necessary.");
+
+H1("The whole picture");
+W("... is %s.", intlink_("freeservice-all.png", "here"));
+include("html_footer.php3");
+?>