[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Transport encryption
From: |
Conrad Steenberg |
Subject: |
Re: [Monotone-devel] Transport encryption |
Date: |
Tue, 11 Oct 2005 11:26:32 -0700 |
Hi Nathaniel
Another alternative might be to have a utility to convert x509 certs and
their associated private keys to the format monotone uses, and then use
the former for SSL tunneling. If monotone is using RSA keys, it could be
(almost) trivial.
The advantage is that x509 is supported by a lot of libraries and
browsers - despite the fact that those libraries might be horrid, they
do work and are quite widely inspected for holes already.
As an example, we issue X509 certs to every member of a collaboration,
and having to manage ssh and monotone (and other) keys is a major
administrative pain. E.g. monotone keys are not signed and have to
concept of revocation lists etc.
Cheers
Conrad
On Tue, 2005-10-11 at 08:50 -0700, Nathaniel Smith wrote:
> On Tue, Oct 11, 2005 at 11:57:02AM +0100, Joel Crisp wrote:
> > Is there a reason why this has to be integrated in Monotone rather than
> > using tunneling?
>
> Eh, there are some advantages to integrating it -- ssh tunneling
> requires people have logins on the remote box, requires they have ssh
> installed, etc. Effective crypto is mostly crypto that users don't
> have to think about...
>
> -- Nathaniel
>
--
Conrad Steenberg <address@hidden>
California Institute of Technology
smime.p7s
Description: S/MIME cryptographic signature
- [Monotone-devel] Re: Transport encryption, (continued)
- Re: [Monotone-devel] Re: Transport encryption, Nathaniel Smith, 2005/10/13
- Re: [Monotone-devel] Re: Transport encryption, Ethan Blanton, 2005/10/13
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Jon Bright, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Nathaniel Smith, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/13
- Re: [Monotone-devel] Transport encryption,
Conrad Steenberg <=
- key trust (was Re: [Monotone-devel] Transport encryption), Nathaniel Smith, 2005/10/12
- [Monotone-devel] Re: key trust, Richard Levitte - VMS Whacker, 2005/10/12
- Re: [Monotone-devel] Re: key trust, Brian Campbell, 2005/10/12
- [Monotone-devel] Re: key trust, Nathaniel Smith, 2005/10/12
- Re: [Monotone-devel] Re: key trust, Conrad Steenberg, 2005/10/12
- Re: [Monotone-devel] Re: key trust, Richard Levitte - VMS Whacker, 2005/10/12
- Re: [Monotone-devel] Re: key trust, Conrad Steenberg, 2005/10/12
- Re: [Monotone-devel] Re: key trust, Richard Levitte - VMS Whacker, 2005/10/12
- [Monotone-devel] Re: key trust, Bruce Stephens, 2005/10/12
- Re: [Monotone-devel] Re: key trust, Conrad Steenberg, 2005/10/12