Hi, zooko and p2p developers:

Firstly, I am sorry that I have very limited diagram design ability. Currently I try to translate the related English in the diagram and maybe used in the newly designed diagram into Chinese. If someone has better translation, that's better. I know my translation is not perfect.

The warning message:

If you want good security, you *must* run a Tahoe-LAFS gateway (which is a web server) on a computer you control.
如果您想要更好的安全性,您*必须*在自己控制的计算机上运行Tahoe-LAFS网关(即Web服务器)。

This public demo is possible to be controlled by someone!!! (And in this case might not provide the security you want!!!)
这个公开网站是有可能被别人控制的!!!(如果是这种情况,可能提供不了您想要的安全性!!!)

The English in the diagram (network-and-reliance-topology.svg) could be translated as:

1. Tahoe-LAFS network topology
   Tahoe-LAFS 网络拓扑
2. Tahoe-LAFS storage servers
   Tahoe-LAFS 存储服务器
3. Tahoe-LAFS gateway
   Tahoe-LAFS 网关
4. Tahoe-LAFS storage protocol over TCP/SSL
   使用TCP/SSL的Tahoe-LAFS 存储协议
5. Tahoe-LAFS storage client
   Tahoe-LAFS 存储客户端
6. HTTP(S) server
   HTTP/HTTPS 服务器
7. Tahoe-LAFS WAPI over HTTP(S) or FTP
   使用HTTP(S) 或FTP的Tahoe-LAFS WAPI
8. Tahoe-LAFS client
   Tahoe-LAFS 客户端
9. web browser
   web浏览器
10. command-line tool
    命令行工具
11. Windows virtual drive
    Windows虚拟驱动
12. Javascript frontends
    Javascript 前端
13. tahoe backup tool
    tahoe 备份工具
14. duplicity
    复制
15. (S)FTP client
    (S)FTP 客户端
16. GridBackup (incomplete)
    网格备份(不完全)
17. FUSE (incomplete)
    FUSE(不完全)
18. Red means that whoever controls that link or that machine can see your files and change their contents. In other words, you rely on that component for confidentiality and integrity.
    红色部分表示控制那部分连接或机器的人能够看到你的文件并且改变文件内容。也就是说,你的隐私和完整性需求依赖那部分组件
19. Black means that whoever controls that link or that machine cannot see your files or change their contents. In other words, you do not rely on that component for confidentiality and integrity.
    黑色部分表示控制那部分连接或机器的人不能看到你的文件也不能改变文件内容。也就是说,你的隐私和完整性需求不依赖那部分组件。

Some words which might be used in the newly designed diagram:

Tahoe gateway on a remote server
在远程服务器上的Tahoe网关

Tahoe gateway on your local machine
在你的本地机器上的Tahoe网关

Be vulnerable to the people who control that server
不能抵抗控制服务器的人的攻击

safe against the threat of the server operator
抵抗来自服务器操作员的风险

people who control the server
控制服务器的人

your local server (gateway)
你的本地服务器(网关)

Regards
Yu Xue

2010/11/11 Zooko O'Whielacronx <zo...@zooko.com>

> Dear people of p2p-hackers, tahoe-dev, and liberationtech:
>
> I think I confused the issue when I said in [1] "some people in China
> might be relying on using the Tahoe-LAFS public demo over unencrypted
> HTTP and thinking that it provides security properties like they would
> get if they ran their own copy of Tahoe-LAFS locally".
>
> Encryption of the HTTP connection isn't very important, so it was
> confusing when I mentioned "over unencrypted HTTP". I should have just
> said "some people in China might be relying on using the Tahoe-LAFS
> public demo and thinking that it provides security properties like
> they would get if they ran their own copy of Tahoe-LAFS
> locally".
>
> Look at this diagram:
>
> http://tahoe-lafs.org/source/tahoe-lafs/trunk/docs/about.html
>
> Using an unencrypted connection (HTTP or FTP) between the Tahoe-LAFS
> client and the Tahoe-LAFS gateway means that the link between those
> two objects on the diagram is red, meaning that you are vulnerable to
> anyone who controls that link. If you instead used an encrypted
> connection (HTTPS or SFTP) between those two objects then that link
> would be black, meaning that you are not vulnerable to someone just
> because they control that link. But you are still vulnerable to
> whoever controls the Tahoe-LAFS gateway which the link goes to!
>
> The right way to do it is to run the Tahoe-LAFS gateway yourself on a
> computer that you control. The Tahoe-LAFS gateway object is red on
> that diagram, meaning that you rely on it for your security, which is
> why you should run it on a computer that you control.
>
> You could run it on the same laptop or desktop that you are running
> your web browser (which is acting as the Tahoe-LAFS client), in which
> case it doesn't matter whether you use HTTP or HTTPS because the
> connection is only running over the loopback interface anyway.
>
> Or you could run it on some other computer that you control, in which
> case you need to use HTTPS so that you aren't vulnerable to anyone who
> controls the link between your local computer running your web browser
> and your remote computer running your Tahoe-LAFS gateway.
>
> So, how do we explain to these Chinese users (and everyone else) that
> if they want good security, they must run a Tahoe-LAFS gateway (which
> is a web server) on a computer they control? Perhaps it would help to
> draw one variant of this diagram showing a user using a gateway on a
> remote server and being vulnerable to the people who control that
> server (which may include more people than the server's legal owner
> thinks), and another picture showing a user using a gateway on his
> local machine and being safe against the threat of the server operator
> betraying him.
>
> Does anyone have design skills (and Chinese!) and could try to explain
> this?
>
> Here is the source code for the current version of the diagram:
>
> http://tahoe-lafs.org/source/tahoe-lafs/trunk/docs/network-and-reliance-topology.svg
>
> Regards,
>
> Zooko
>
> [1] http://lists.zooko.com/pipermail/p2p-hackers/2010-November/002551.html
>

-- 
Sincerely,
Yu Xue
Before and behind lies the abyss of time
_______________________________________________
p2p-hackers mailing list
p2p-hackers@lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers
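
The red/black reliance rules from the quoted message, written out as a check on a gateway URL. This is an added example, not part of the original thread or of Tahoe-LAFS itself; the function names, the `you_control_gateway_host` flag and the sample URLs are assumptions made for illustration, and a loopback address is assumed to mean a gateway on a machine you control.

```python
import ipaddress
from urllib.parse import urlsplit

ENCRYPTED = {"https", "sftp"}   # link drawn black in the diagram
PLAINTEXT = {"http", "ftp"}     # link drawn red once it leaves your machine


def is_loopback(host):
    """True if host is the loopback interface; decided without DNS."""
    if host.lower().rstrip(".") == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False            # any other name is treated as remote


def reliance(gateway_url, you_control_gateway_host=False):
    """List who is relied on for confidentiality and integrity."""
    parts = urlsplit(gateway_url)
    scheme, host = parts.scheme.lower(), parts.hostname
    if scheme not in ENCRYPTED | PLAINTEXT or not host:
        raise ValueError("not a gateway URL: %r" % (gateway_url,))
    # Assumption: a gateway bound to loopback runs on a machine you control.
    local = is_loopback(host)
    relied_on = []
    # The gateway is always red: whoever runs it can see and change files.
    if not (local or you_control_gateway_host):
        relied_on.append("operator of gateway " + host)
    # The client-to-gateway link is red only when it is unencrypted and
    # leaves the machine; HTTPS or SFTP makes it black, loopback never leaves.
    if scheme in PLAINTEXT and not local:
        relied_on.append("anyone controlling the link to " + host)
    return relied_on


if __name__ == "__main__":
    # Constructed sample URLs, not taken from the thread.
    for url, mine in [
        ("http://127.0.0.1:3456/", False),
        ("http://[::1]:3456/", False),
        ("http://127.0.0.1.example.org/", False),
        ("https://demo.example.org/", False),
        ("http://gw.example.net:3456/", True),
    ]:
        print(url, mine, reliance(url, mine) or "no third party")
```

The third sample shows why the loopback test parses the address instead of matching a string prefix: a hostname that merely starts with `127.0.0.1` is a remote gateway.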