Max

How will a reverse proxy help?

Things that a reverse proxy is often used for:

• making multiple services hosted on the same IP and port
• SSL termination so that the wider world speaks https and the proxy speaks http to the server. This means the server doesn’t have to do its own key management
• load balancing services so multiple servers can serve the same request (technically a load balancer but I believe some reverse proxies do basic load balancing)
• adding authentication in front of services that don’t have their own (note that some of the protections/utility is lost if you use http. Anyone who can see your traffic will also be able to authenticate. It’s not zero protection though because random internet users probably can’t see your traffic)
• probably something I’m forgetting

Do any of these match what you’re trying to accomplish? What do you hope to gain by adding a reverse proxy (or maybe some other software better suited to your need)?

Edit: you say you want to keep this service ‘private from the web’. What does that mean? Are you trying to have it so only clients you control can access your service? You say that you already have some services hosted publicly using port forwarding. What do you want to be different about this service? Assuming that you do need it to be secured/limited to a few known clients, you also say that these clients are too weak to run SSL. If that’s the case, then you have two conflicting requirements. You can’t simultaneously have a service that is secure (which generally means cryptographically) and also available to clients which cannot handle cryptography.

Apologies if I’ve misunderstood your situation

You definitely use a firewall, but there’s no need for NAT in almost all cases with ipv6. But even with a firewall, p2p becomes easier even if you still have to do firewall hole punching

I’ve setup okular signing and it worked, but I believe it was with a mime certificate tied to my email (and not pgp keys). If you want I can try to figure out exactly what I did to make it work.

Briefly off the top of my head, I believe it was

1. Getting a mime certificate for my email from an authority that provides them. There’s one Italian company that will do this for any email for free.
2. Converting the mime certificate to some other format
3. Importing the certificate to Thunderbird’s (or maybe it was Firefox’s) certificate store (and as a sidequest setting up Thunderbird to sign email with that certificate
4. Telling Okular to use the Thunderbird/Firefox certificate store as the place to find certificates

I can’t remember if there was a way to do this with pgp certificates easily

As far as I’m aware, what you cited only proves that there is no ether that acts on light in a way such that the round trip time in the direction of ether travel is different from the round trip time in the direction perpendicular to ether travel.

It’s not merely that:

somehow the movement of this medium caused the speed of light in one direction to be faster than another due to the movement of this medium, measuring the speed in two directions perpendicular to each other would reveal that difference.

Instead, it’s that the speed of light must be different in the two directions in a way such that their round trip times don’t average out to the same average as in the other direction.

The theories of ether at the time predicted such a round trip difference because of the wind like interactions that you say.

I believe that this in no way proves anything about the one way speed of light. The Michaelson Morley inteferometer only measures difference in round trip time.

(Insert comment about the irony of your last statement). See https://en.m.wikipedia.org/wiki/One-way_speed_of_light

I rum Creo under wine, and while the performance is great, the stability is not. Creo loves crashing even on windows, and it’s much worse on Wine. It’s the one program that I kinda wish I had kept dual boot around for.