How to run a Trusted Peer in production mode
--------------------------------------------

For a practical example, also see tpinstall-example.txt.

If you run a Trusted Peer, that means you provide a (hopefully permanent) service that is accessed through and linked into the Six/Four network as a peer. People who remain anonymous will send requests to you to connect out to public internet sites and tunnel data between those sites and them. You may refuse that though, based on access controls (e.g. denying certain services/port numbers).

You will create an RSA key pair, submit your public key to Hacktivismo (we will sign and distribute it), and join the Six/Four network by connecting to some peers using your TrustedPeer console.

Now, we need to be able to TRUST you in order to approve you as a trusted peer. This means meeting a few criteria as outlined below. If you don't want approval, you are of course free to run a "Trusted" Peer with an unsigned key, or one with a key signed by someone else. The only catch is that WE will be telling users - in their own best interest - to use Trusted Peers only if they have verified that their TP Key was signed by Hacktivismo, and that we won't help you distribute your Trusted Peer key to anyone if we didn't approve you. That being said, it can make sense to run your own Trusted Peer, say, as a media company, or as a human rights institution, or as a private person, if you want to access content anonymously from one place, but have an account somewhere else where you can run a Trusted Peer which doesn't have to stay anonymous. Just don't expect a lot of people to use your TP then.

The criteria for trust are:

1) Reputation. You must be someone well-known, or someone that is known by people that we trust. Or someone that is doing something publicly that makes us think you are trustworthy. Or someone that is known by someone that is known by someone that we know and trust. :p This is just to say, Li Peng and friends, don't even try it. And, as a side note: Yes, we may actually check your car for "TIPS" bumper stickers.

2) Security. Your host should be well secured, and there should be no eavesdropping or anything running there. Ideally you'll let us on there and look around. And it shouldn't be a .gov.cn site, for god's sake!

3) Availability. Your host should have a permanent IP / connection, because we generally associate a Trusted Peer's key with his IPv4 address. Also, you must have a minimum of 5 connections to other, normal Six/Four peers to ensure connectivity to the Six/Four network. Make sure that you have a connection minimum and that your hosts file is big enough!

So, here are the technical installation instructions:

1) Type 'make'. Then type 'make install'. All you need is:
   - working gcc, make
   - openssl, libpthread installed
   (On Win32, the CygWin environment gives you this. Just edit the Makefiles and add -DWIN32 to the CC= variable.)

2) Go to the GenTPKey directory and type "./GenTP Something". You'll be asked for a private key passphrase. Remember that passphrase, for you'll need it to start the TrustedPeer daemon.

3) Send "Something.public" to Hacktivismo (over the Trusted Peer webform at https://www.hacktivismo.com) for signing/distributing. We'll sign it, distribute it, and send you back the "Something.public.sig".

4) cp Something.private ../bin/64TP/Something.pem

5) Now, it's time to go to bin/64TP and edit your config file, tp.cfg (you should also look through ACL.conf). In tp.cfg, you MUST change "ipaddr" to reflect your IP address or hostname. You MUST also change "tpkeyfile" to your private key, i.e. "./Something.pem".

6) Append the IP address from which you want to run the Trusted Peer to the end of your public key file, and rename that file to TPKEY-ipaddr. For example, for IP address 23.45.67.89, you would do:

   echo 23.45.67.89 >> key.public ; mv key.public TPKEY-23.45.67.89

7) Start ./TrustedPeer - in the background or on a screen, or whatever. Then connect to some 6/4 peers to make your Peer actually accessible. That's all. The Trusted Peer can now be accessed through your IP. You will get an approval notice and a copy of a CA signature for your TP Key once Hacktivismo CA has approved you as trusted.

8) You can now take Something.public and Something.public.sig and distribute them as TPKEY-<youripaddress> and TPKEY-<youripaddress>.sig, for use in Six/Four clients that you want to serve with Six/Four access.
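
A pre-flight check for steps 4 to 6, added here as an example and not part of the Six/Four distribution. The script name and function names are hypothetical, and it assumes the key files are PEM text, which this page does not state.

```shell
#!/bin/sh
# Pre-flight checks for steps 4-6 (added example, not part of Six/Four).
# Usage: sh tp-preflight.sh bin/64TP/Something.pem TPKEY-23.45.67.89

# valid_ipv4 ADDR: succeed if ADDR is a dotted quad with each octet 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# key_perms_ok FILE: private key exists and only its owner can access it.
key_perms_ok() {
    [ -f "$1" ] || { echo "$1: no such file" >&2; return 1; }
    case $(ls -ld "$1") in
        -r[-w]-------*) return 0 ;;
    esac
    echo "$1: accessible to group/others, run chmod 600" >&2
    return 1
}

# tpkey_ok FILE: FILE is named TPKEY-<ipaddr>, ends with a line holding
# exactly that address, and carries no private key material.
tpkey_ok() {
    name=${1##*/}
    ip=${name#TPKEY-}
    [ "$name" != "$ip" ] || { echo "$name: not named TPKEY-<ipaddr>" >&2; return 1; }
    valid_ipv4 "$ip" || { echo "$name: '$ip' is not an IPv4 address" >&2; return 1; }
    # Assumption: keys are PEM text, so a private key shows a "PRIVATE KEY" marker.
    if grep -q 'PRIVATE KEY' "$1"; then
        echo "$name: contains a private key, do not distribute" >&2; return 1
    fi
    # If the key file lacked a final newline, 'echo >>' glued the address
    # onto the last key line; the comparison below catches that.
    last=$(tail -n 1 "$1") || return 1
    [ "$last" = "$ip" ] || { echo "$name: last line is not $ip" >&2; return 1; }
}

if [ "$#" -eq 2 ]; then
    key_perms_ok "$1" && tpkey_ok "$2" && echo "pre-flight checks passed"
fi
```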

About this document ...

The translation was initiated by mixter on 2003-02-14