[Freedombox-discuss] Announcing Santiago Release Candidate 1
The Doctor
drwho at virtadpt.net
Wed May 23 14:58:29 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 05/22/2012 12:26 PM, Michael Rogers wrote:
> Looking briefly at the Monkeysphere proposal mentioned earlier in
> this thread, there appear to be some fields that could be used to
> distinguish Monkeysphere-based handshakes from other handshakes:
Is that before or after an SSL or TLS connection is negotiated?
> * A new signature type is used, NullSignatureUseOpenPGP. * The
> signature type's object ID comes from an ID space allocated to the
> Monkeysphere project. * The signature consists of the ASCII bytes
> "use OpenPGP".
In this case yes, these could be used to detect certificate exchange.
Exchanging over an unauthenticated crypto channel is probably not a
good idea.
> https://lists.riseup.net/www/arc/monkeysphere/2011-03/msg00027.html
Reading
>
the thread... thanks for the link, it was very helpful.
> As I said before, this isn't necessarily a problem - it just
> raises the question of whether it's a design goal for the
> FreedomBox's traffic to be hard to distinguish from other traffic.
If it was, it would make it more difficult to detect and censor
FreedomBox traffic. If it wasn't that would be a risk that would be
implicitly accepted, and possibly need to be dealt with later.
- --
The Doctor [412/724/301/703] [ZS]
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
Self-modifying code: Just because you can doesn't mean that you should.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk+8+xUACgkQO9j/K4B7F8EXlACdHovuOYPQhYJkpOOzBlFFkN5D
QFAAoJJA+nWMqUSrS/hUSbWm2NzEW6p1
=7iK5
-----END PGP SIGNATURE-----
More information about the Freedombox-discuss
mailing list