[Twisted-Python] Forwarded questions about PB

[Itamar Shtull-Trauring]

I've been telling this guy about PB, and he had some questions - please 
answer to the list and I'll respond to him with a summary.


-------- Original Message --------
To: lists at itamarst.org
Subject: Re: hi all, new crypto library

	BTW, I read that you want to use RPC over unix domain sockets
	- the Twisted project has a generic secure remote object
	publishing system called PB. It runs over sockets, SSL, unix
	domain sockets, etc.. The main idea was to help people
	implement programs without having to design a protocol from
	scratch each time. The Twisted framwork is in general a
	wonderful platform for server developement:
	http://www.twistedmatrix.com. And that way maybe someday it
	can work with other stuff as well (e.g. Java).

I'll take a look at it but I don't think it's the right thing for the
crypto library, at least without some kind of user authentication that
I currently haven't implemented.  Even with authentication I'd be
uncomfortable exposing the server directly to an IP network.  My idea
is to connect the server to the application host over a point to point
connection like a serial port.

Does PB have some advantage over running a standard non-encrypted RPC
protocol over SSL?

	And philosophically I think you'd like it. For example, the
	way it implements home directories for users in a web
	server. Each user runs their own webserver, and then the main
	one that listens on port 80 forwards request to ~itamar/ to my
	personal web server (using PB). So each user has their CGIs,
	server scripts and so on, run using their own permissions and
	limits.

Why not just use an apache proxy server on port 80, proxying requests
to user servers?

	And I'm a developer on it (though I wasn't at all involved with these
	parts of the code), so I'm sure my bias shows :)

I did look at twistedmatrix a few days ago and it looked kind of
interesting.  I didn't notice any of the security/crypto stuff at the
time.