[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] Re: netsys and crypto...
|
From: |
graydon hoare |
|
Subject: |
[Monotone-devel] Re: netsys and crypto... |
|
Date: |
Tue, 03 Aug 2004 12:23:56 -0400 |
|
User-agent: |
Opera M2/7.53 (Linux, build 737) |
On Fri, 23 Jul 2004 01:37:33 +0200 (CEST), Richard Levitte - VMS Whacker
<address@hidden> wrote:
There's one thing I'm a bit curious about, and had a hard time
detecting from reading netsys.cc: is the communication channel
entirely in clear text, encrypted in parts or encrypted entirely?
Being a security-oriented person, I would very much like to know, or
do I need to do some advanced tunneling (IPsec, anyone?)?
it is cleartext; the public key crypto it uses is for authentication only.
note that this is quite arbitrary. it would be relatively painless to add
in some key negotiation during the authentication phase and run each
command packet through a stream cipher. I just haven't bothered yet.
another possibility is to use christof's new work which lets netsync tunnel
into a monotone serve instance using ssh (or similar unix pipe adaptor).
this work is not yet integrated into the main branch, but can be found on
net.venge.monotone.ssh branch. I am willing to adjust this sort of thing
to suit people's preferences, I've just been a bit pressed for time
recently.
-graydon
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Monotone-devel] Re: netsys and crypto...,
graydon hoare <=