Re: [Monotone-devel] Re: Transport encryption


From: Nathaniel Smith
Subject: Re: [Monotone-devel] Re: Transport encryption
Date: Thu, 13 Oct 2005 13:01:58 -0700
User-agent: Mutt/1.5.9i

On Thu, Oct 13, 2005 at 10:36:16AM +0100, Bruce Stephens wrote:
> I'm suggesting another would be to leave monotone's protocol just as
> it is (complete with signing), and just to use TLS to provide an
> encryption wrapper around it, for those that want such a thing.  

It doesn't work like this -- if you want MITM protection,
your authentication has to be tied into all your actual crypto use.
So in this scenario, a MITM attacker couldn't alter the stream
(because our HMACing is tied into the authentication), but they
could eavesdrop on everything, despite the encryption.

-- Nathaniel

-- 
"But in Middle-earth, the distinct accusative case disappeared from
the speech of the Noldor (such things happen when you are busy
fighting Orcs, Balrogs, and Dragons)."
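
The scenario in the reply above, as an added example that is not part of the original message or of monotone's code: an inner protocol whose frames carry an HMAC is wrapped in encryption whose key exchange is not authenticated. The toy Diffie-Hellman group, the XOR stream cipher, the `auth_key` standing in for the inner protocol's authenticated key, and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

P = 2**127 - 1   # toy DH modulus (a Mersenne prime); far too small for real use
G = 3

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    return hashlib.sha256(str(pow(peer_pub, priv, P)).encode()).digest()

def xor_stream(key, data):
    # Toy stream cipher standing in for the wrapper's encryption (self-inverse).
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def inner_frame(auth_key, payload):
    return payload + hmac.new(auth_key, payload, hashlib.sha256).digest()

def inner_verify(auth_key, frame):
    payload, tag = frame[:-32], frame[-32:]
    good = hmac.new(auth_key, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, good) else None

PAYLOAD = b"revision data (constructed sample)"

def run(tamper=False):
    auth_key = secrets.token_bytes(32)  # assumed: from the inner protocol's own authentication
    c_priv, c_pub = dh_keypair()        # client
    s_priv, s_pub = dh_keypair()        # server
    m_priv, m_pub = dh_keypair()        # party in the middle
    # Unauthenticated exchange: each endpoint receives the middle party's public value.
    k_client = dh_shared(c_priv, m_pub)
    k_server = dh_shared(s_priv, m_pub)
    wire = xor_stream(k_client, inner_frame(auth_key, PAYLOAD))
    # The middle party decrypts with its client-side key, then re-encrypts for the server.
    seen = xor_stream(dh_shared(m_priv, c_pub), wire)
    if tamper:
        seen = b"X" + seen[1:]          # any change invalidates the inner HMAC
    forwarded = xor_stream(dh_shared(m_priv, s_pub), seen)
    received = inner_verify(auth_key, xor_stream(k_server, forwarded))
    return seen[:-32], received         # (what the middle party read, what the server accepted)
```

`run()` returns the payload twice: the middle party read it in full and the server still accepted it, while `run(tamper=True)` returns `None` as the second element because the HMAC check rejects the altered frame.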



