[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] Re: Transport encryption
|
From: |
Bruce Stephens |
|
Subject: |
[Monotone-devel] Re: Transport encryption |
|
Date: |
Thu, 13 Oct 2005 15:53:44 +0100 |
|
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux) |
Richard Levitte - VMS Whacker <address@hidden> writes:
[...]
> Not having played with the anonymous cipher suites at all, I'm really
> walking on thin ice when talking about it. I was under the impression
> that all the anonymous cipher suites used EDH (Ephemeral DH?), so
> using that would also require a bit more of monotone than you might
> think...
I've never used them, either. I assumed one just selected one, and
the library would do its stuff. Maybe the handshake takes longer, but
presumably after that it's just using a symmetric cipher. So what
does monotone need to provide? DH parameters, I guess, but those
could be built in. I don't know, though, maybe there are security
considerations in every user of monotone using the same parameters.
I suppose monotone could construct a self-signed X.509 certificate out
of its server key, and use that (as a client, it wouldn't need to do
any verification at the TLS level, so the coding would just be about
constructing the certificate).
An easy way would be to use something like OpenSSL to code up the
certificate correctly, but if we didn't care about the contents
(except for the public key and signature) I'll bet it would be
reasonably straightforward to special-case the actual encoding.
[...]
- Re: [Monotone-devel] Transport encryption, (continued)
- Re: [Monotone-devel] Transport encryption, Christof Petig, 2005/10/12
- Re: [Monotone-devel] Transport encryption, Nathaniel Smith, 2005/10/11
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/11
- Re: [Monotone-devel] Transport encryption, Nathaniel Smith, 2005/10/12
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/12
- Re: [Monotone-devel] Re: Transport encryption, Richard Levitte - VMS Whacker, 2005/10/12
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/13
- Re: [Monotone-devel] Re: Transport encryption, Richard Levitte - VMS Whacker, 2005/10/13
- [Monotone-devel] Re: Transport encryption,
Bruce Stephens <=
- Re: [Monotone-devel] Re: Transport encryption, Nathaniel Smith, 2005/10/13
- Re: [Monotone-devel] Re: Transport encryption, Ethan Blanton, 2005/10/13
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Jon Bright, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Nathaniel Smith, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Conrad Steenberg, 2005/10/11
- key trust (was Re: [Monotone-devel] Transport encryption), Nathaniel Smith, 2005/10/12
- [Monotone-devel] Re: key trust, Richard Levitte - VMS Whacker, 2005/10/12