[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Re: Transport encryption
From: |
Nathaniel Smith |
Subject: |
Re: [Monotone-devel] Re: Transport encryption |
Date: |
Thu, 13 Oct 2005 13:01:58 -0700 |
User-agent: |
Mutt/1.5.9i |
On Thu, Oct 13, 2005 at 10:36:16AM +0100, Bruce Stephens wrote:
> I'm suggesting another would be to leave monotone's protocol just as
> it is (complete with signing), and just to use TLS to provide an
> encryption wrapper around it, for those that want such a thing.
It doesn't work like this -- if you want MITM protection,
your authentication has to be tied into all your actual crypto use.
So in this scenario, a MITM attacker couldn't alter the stream
(because we our HMACing is tied into the authentication), but they
could eavesdrop on everything, despite the encryption.
-- Nathaniel
--
"But in Middle-earth, the distinct accusative case disappeared from
the speech of the Noldor (such things happen when you are busy
fighting Orcs, Balrogs, and Dragons)."
- Re: [Monotone-devel] Transport encryption, (continued)
- Re: [Monotone-devel] Transport encryption, Christof Petig, 2005/10/12
- Re: [Monotone-devel] Transport encryption, Christof Petig, 2005/10/12
- Re: [Monotone-devel] Transport encryption, Nathaniel Smith, 2005/10/11
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/11
- Re: [Monotone-devel] Transport encryption, Nathaniel Smith, 2005/10/12
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/12
- Re: [Monotone-devel] Re: Transport encryption, Richard Levitte - VMS Whacker, 2005/10/12
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/13
- Re: [Monotone-devel] Re: Transport encryption, Richard Levitte - VMS Whacker, 2005/10/13
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/13
- Re: [Monotone-devel] Re: Transport encryption,
Nathaniel Smith <=
- Re: [Monotone-devel] Re: Transport encryption, Ethan Blanton, 2005/10/13
- [Monotone-devel] Re: Transport encryption, Bruce Stephens, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Jon Bright, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Nathaniel Smith, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Michael Neumann, 2005/10/13
- Re: [Monotone-devel] Transport encryption, Conrad Steenberg, 2005/10/11
- key trust (was Re: [Monotone-devel] Transport encryption), Nathaniel Smith, 2005/10/12
- [Monotone-devel] Re: key trust, Richard Levitte - VMS Whacker, 2005/10/12
- Re: [Monotone-devel] Re: key trust, Brian Campbell, 2005/10/12