Bruce Stephens spake unto us the following wisdom: > Nathaniel Smith <[EMAIL PROTECTED]> writes: > > We can already do replication across multiple hosts, that are > > heterogenous in any way I can think of, and the replication is > > secure against tampering, man-in-the-middle, and so on -- it's just > > that people could peak at the data while it goes by. > > In which case the problems with keys and certificates doesn't have to > be relevant; doesn't TLS have anonymous cipher suites, which can be > used without either end authenticating (and without either having a > certificate)? In which case that could be used just as an encrypting > wrapper, and the existing monotone protocol can continue to do all the > authentication.
Unless I'm missing something, using TLS without certificates will not
give you much security at all ... monotone itself will guarantee that
there is no man-in-the-middle *changing* your stream, but if the
encryption isn't authenticated then someone could still be *reading*
your stream. In that case, why bother with encryption at all.
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
pgpjGnEGv8PDc.pgp
Description: PGP signature
_______________________________________________ Monotone-devel mailing list Monotone-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/monotone-devel
