Re: [Monotone-devel] Re: Transport encryption
From: Ethan Blanton
Subject: Re: [Monotone-devel] Re: Transport encryption
Date: Thu, 13 Oct 2005 09:44:24 -0500
User-agent: Mutt/1.4.1i
Bruce Stephens spake unto us the following wisdom:
> Nathaniel Smith <address@hidden> writes:
> > We can already do replication across multiple hosts, that are
> > heterogeneous in any way I can think of, and the replication is
> > secure against tampering, man-in-the-middle, and so on -- it's just
> > that people could peek at the data while it goes by.
>
> In which case the problems with keys and certificates don't have to
> be relevant; doesn't TLS have anonymous cipher suites, which can be
> used without either end authenticating (and without either having a
> certificate)? In which case that could be used just as an encrypting
> wrapper, and the existing monotone protocol can continue to do all the
> authentication.
Unless I'm missing something, using TLS without certificates will not
give you much security at all ... monotone itself will guarantee that
there is no man-in-the-middle *changing* your stream, but if the
encryption isn't authenticated then someone could still be *reading*
your stream. In that case, why bother with encryption at all?
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
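
The trade-off discussed in this thread, as an added example that is not part of the original message or of monotone's code: a toy unauthenticated Diffie-Hellman exchange, run with and without an active relay. The modulus, the function names and the `binding` value (a hash of the exchanged public values that an application-layer authentication step is assumed to cover) are constructed for illustration.

```python
import hashlib
import secrets

P = 2**127 - 1  # constructed toy prime modulus, far too small for real use
G = 3

def keypair():
    """Return (private exponent, public value) for the toy group."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def session_key(priv, peer_pub):
    """Derive a symmetric key from the shared Diffie-Hellman secret."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def binding(client_pub, server_pub):
    """Hash of the public values one endpoint saw during the exchange.
    Assumption: the application's own authentication signs or MACs this."""
    return hashlib.sha256(b"%d|%d" % (client_pub, server_pub)).hexdigest()

def handshake(active_relay=False):
    """Model an anonymous key exchange, optionally through a relay that
    replaces each side's public value with its own."""
    c_priv, c_pub = keypair()
    s_priv, s_pub = keypair()
    seen_by_client, seen_by_server = s_pub, c_pub
    relay_keys = None
    if active_relay:
        r_priv, r_pub = keypair()
        seen_by_client = seen_by_server = r_pub
        # The relay shares one key with each endpoint.
        relay_keys = (session_key(r_priv, c_pub), session_key(r_priv, s_pub))
    return {
        "client_key": session_key(c_priv, seen_by_client),
        "server_key": session_key(s_priv, seen_by_server),
        "relay_keys": relay_keys,
        "client_binding": binding(c_pub, seen_by_client),
        "server_binding": binding(seen_by_server, s_pub),
    }

if __name__ == "__main__":
    for relay in (False, True):
        r = handshake(active_relay=relay)
        print("relay" if relay else "direct",
              "keys match:", r["client_key"] == r["server_key"],
              "bindings match:", r["client_binding"] == r["server_binding"])
```

When the two binding values differ, an authentication step that covers them fails, which is how a stream authenticated above the encryption layer can notice a relay that the anonymous exchange itself cannot.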