|
| From: | Cem Karan |
| Subject: | [Monotone-devel] Re: netsync transport encryption? |
| Date: | Wed, 25 Oct 2006 09:25:07 -0400 |
Message: 7 Date: Wed, 25 Oct 2006 13:41:12 +0100 From: Bruce Stephens <address@hidden> Subject: [Monotone-devel] Re: netsync transport encryption? To: address@hidden Message-ID: <address@hidden> Content-Type: text/plain; charset=us-ascii Dirk Hillbrecht <address@hidden> writes: [...]The question is what you want: Encryption or authentication.Ah, that's a good point. The first time I pull from a repository I don't have the server's public key. And we want to permit anonymous connections (as now) in which case the server doesn't know which of my public keys to use (and quite likely doesn't have them anyway). I guess in those cases perhaps encryption isn't really useful?
Well, it won't be useful against eavesdropping, but my question is, how is this any different from the non-encrypted case? As near as I can tell, you have three cases:
1) Neither side has the other's public key. The anonymous access algorithm kicks in, and temporary session keys can still be passed back and forth. The only difference is that these keys aren't authenticated.
2) One side has the other's public key, but not vice-versa. This might be the case with a distribution of Monotone that public keys for the server sent out, but where the new, anonymous user's keys are unknown. This case is similar to 1, except that there is only authentication in one direction. This might be in a case like where I'm in, where I want to know that I'm getting sources certified as being original Monotone sources, but where I'm not going to upload anything.
3) Both sides have each other's keys. This becomes the case I originally outlined.
In short, you would lose authentication and guarantees of privacy if you don't have each other's public keys, but it shouldn't affect the connection in any way, even for anonymous access.
The other solution is to generate an 'anonymous' set of keys that are always distributed with the Monotone sources. Then you are always authenticated as anonymous, and the rest of the algorithm goes on as before. I don't know enough about Montone (I just downloaded it yesterday!), but from what I can see, this might be the best solution; you can use the authentication and trust methods that are already available to determine what you want to do with an anonymous peer. The default in the distribution should be to refuse it completely. That will protect newbies like me from shooting ourselves in the foot!
Thanks, Cem Karan
| [Prev in Thread] | Current Thread | [Next in Thread] |