|
| From: | Phil de Joux |
| Subject: | Re: [Monotone-devel] Re: netsys and crypto... |
| Date: | Wed, 08 Sep 2004 14:13:15 +1200 |
| User-agent: | Opera M2/7.53 (Win32, build 3850) |
On Fri, 23 Jul 2004 01:37:33 +0200 (CEST), Richard Levitte - VMS Whacker <address@hidden> wrote:There's one thing I'm a bit curious about, and had a hard time detecting from reading netsys.cc: is the communication channel entirely in clear text, encrypted in parts or encrypted entirely? Being a security-oriented person, I would very much like to know, or do I need to do some advanced tunneling (IPsec, anyone?)?it is cleartext; the public key crypto it uses is for authentication only.note that this is quite arbitrary. it would be relatively painless to add in some key negotiation during the authentication phase and run each command packet through a stream cipher. I just haven't bothered yet.
As soon as the communication is secure, I can start using monotone for production work.
another possibility is to use christof's new work which lets netsync tunnelinto a monotone serve instance using ssh (or similar unix pipe adaptor). this work is not yet integrated into the main branch, but can be found on net.venge.monotone.ssh branch. I am willing to adjust this sort of thing to suit people's preferences, I've just been a bit pressed for time recently.
This is not very appealing when machines at both ends are running Windows. -Phil
| [Prev in Thread] | Current Thread | [Next in Thread] |