I'm in the process of setting such a thing up for myself, though with
less expectation of "security" perhaps than you are envisioning.
The personal wiki will merely be available solely through an https
server that requires me to authenticate. That takes care of a large
chunk of concern.
Blogging is harder, unless Pyra has released a private-label blogger
that one can use with one's own server. The most glaring problem is the
FTP transfer of the blog-- ability to use scp or similar instead would
be very nice.
Hey bake-off guys-- if I write up a spec for a minimal open blogger,
maybe you can implement that in addition to or instead of the xmethods
stuff...
Cheers,
_Strata
Gordon Mohr wrote:
>
> I'd like to have a personal weblog and/or wiki: a hypertext
> space, accessible from anywhere, than easily captures, orders,
> and crosslinks all sorts of notes, thoughts, and compositions.
>
> However, rather than publishing the content to the world, I'd
> like it to be accessible only to me. In fact, I'd like extreme,
> even unreasonable privacy -- such that I could casually store
> every password I've ever used in the system, or write text
> without any concern whatsoever that others would someday
> read it.
>
> More specifically, I'd expect strong protection against network
> and (remote and local) filesystem eavesdropping, but could accept
> vulnerability to devices or software which watch local keystrokes,
> RAM, or screen-contents.
>
> Anyone know if something like this exists?
>
> --
>
> The first architecture that occurred to me for implementing
> such a system would be:
>
> (1) A web-browser which makes an SSL connection to...
> (2) A local micro-web-server, which:
> - prompts for the system secret/key
> - runs the wiki/weblog software but...
> - encrypts all persistent data before handing it off to...
> (3) An not-particularly trusted remote web-server,
> running appropriate archive/retrieval software
>
> You would have to download and run the micro-web-server to
> a machine before accessing the private area from that machine.
> The data on the remote server could be sabotaged, but it would
> then fail local consistency checks.
>
> Properly-behaving browsers never filesystem-cache content that
> comes over SSL connections, right?
>
> Does this description and architecture for an ultraprivate web
> space strike FoRKers as possible? Practical? Paranoid? Promising?
>
> - Gordon
-- ======================================================================== Strata Rose Chalup [KF6NBZ] strata "@" virtual.net VirtualNet Consulting http://www.virtual.net/ ** Project Management & Architecture for ISP/ASP Systems Integration ** =========================================================================
This archive was generated by hypermail 2b29 : Fri Apr 27 2001 - 23:17:48 PDT