Re: [Monotone-devel] Transport encryption

[Nathaniel Smith]

On Tue, Oct 11, 2005 at 07:37:03PM +0200, Michael Neumann wrote:
> Thanks for all your answers! Yes, I too think that it is an advantage of 
> having this integrated into Monotone. I'm not sure whether it's one of 
> Monotone's goals (it was one of OpenCM), but if you want replication 
> across multiple (possibly heterogenous) hosts, it has to be integrated, 
> otherwise it's becoming an administrative nightmare.

I'm not quite sure I understand what you're saying here -- the case
where transport encryption is useful is:
  -- you want to transfer data from A to B
  -- you think there may be eavesdroppers in the network between A and B
  -- you're scared of what will happen if eavesdroppers see your data
So, e.g., for free software projects, encryption is basically
meaningless, because the code is public anyway.

There are cases we want to support where encryption is useful --
basically, it'd be nice if proprietary developers who didn't want to
mess around with VPNs or ssh forwarding could easily use monotone --
but that's a much more niche sort of usage than it sounds like you're
talking about.

We can already do replication across multiple hosts, that are
heterogenous in any way I can think of, and the replication is secure
against tampering, man-in-the-middle, and so on -- it's just that
people could peak at the data while it goes by.

-- Nathaniel

-- 
"The problem...is that sets have a very limited range of
activities -- they can't carry pianos, for example, nor drink
beer."