Re: [Monotone-devel] Re: Transport encryption


From: Ethan Blanton
Subject: Re: [Monotone-devel] Re: Transport encryption
Date: Thu, 13 Oct 2005 09:44:24 -0500
User-agent: Mutt/1.4.1i

Bruce Stephens spake unto us the following wisdom:
> Nathaniel Smith <address@hidden> writes:
> > We can already do replication across multiple hosts, that are
> > heterogeneous in any way I can think of, and the replication is
> > secure against tampering, man-in-the-middle, and so on -- it's just
> > that people could peek at the data while it goes by.
> 
> In which case the problems with keys and certificates don't have to
> be relevant; doesn't TLS have anonymous cipher suites, which can be
> used without either end authenticating (and without either having a
> certificate)?  In which case that could be used just as an encrypting
> wrapper, and the existing monotone protocol can continue to do all the
> authentication.

Unless I'm missing something, using TLS without certificates will not
give you much security at all ... monotone itself will guarantee that
there is no man-in-the-middle *changing* your stream, but if the
encryption isn't authenticated then someone could still be *reading*
your stream.  In that case, why bother with encryption at all?

Ethan

-- 
The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
                -- Cesare Beccaria, "On Crimes and Punishments", 1764
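
The exchange discussed in this message, as an added sketch that is not part of the original post or of monotone's code: an anonymous Diffie-Hellman handshake run with and without an active relay, plus a check that ties the exchanged values to an existing authentication key. The group parameters, function names and the MAC-based binding are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy finite-field Diffie-Hellman parameters, constructed for this demo only.
P = 2**255 - 19
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    # Hash the shared secret into a 32-byte symmetric key.
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(32, "big")).digest()

def transcript_tag(auth_key, client_pub, server_pub):
    # Hypothetical binding: MAC the DH values one side saw under a key
    # standing in for the application's existing authentication.
    data = client_pub.to_bytes(32, "big") + server_pub.to_bytes(32, "big")
    return hmac.new(auth_key, data, hashlib.sha256).digest()

def handshake(relay=False):
    """Run an anonymous exchange, optionally through an active relay."""
    c_priv, c_pub = keypair()
    s_priv, s_pub = keypair()
    client_sees, server_sees, relay_keys = s_pub, c_pub, None
    if relay:
        # The relay substitutes its own public value in both directions.
        m_priv, m_pub = keypair()
        client_sees = server_sees = m_pub
        relay_keys = (session_key(m_priv, c_pub), session_key(m_priv, s_pub))
    return {
        "client_key": session_key(c_priv, client_sees),
        "server_key": session_key(s_priv, server_sees),
        "relay_keys": relay_keys,
        "client_view": (c_pub, client_sees),
        "server_view": (server_sees, s_pub),
    }

def transcripts_match(result, auth_key):
    # Both ends MAC what they saw; a substituted value makes the tags differ.
    client_tag = transcript_tag(auth_key, *result["client_view"])
    server_tag = transcript_tag(auth_key, *result["server_view"])
    return hmac.compare_digest(client_tag, server_tag)
```

With `relay=True` the relay holds one key per side, so encryption alone hides nothing from it; the transcript comparison is what exposes the substitution.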
