IPsec in 2.6
Eugen Leitl
eugen at parked.everydns.net
Thu Oct 9 10:31:19 PDT 2003
On Thu, Oct 09, 2003 at 06:57:33PM +0200, martin f krafft wrote:
>
> A curious idea that I've been paying some attention to for a while.
> One could simply implement a means that tries to connect with IPsec
> by default and falls back to IP if unsuccessful (keeping a cache of
That's how Opportunistic Encryption (OE) is supposed to work. It's just it's
much too high-threshold for Joe Schmoe systems. Software firewalls are not
even
NATed, and increasingly cheap NAT allows IPsec tunnelling; at least
single-session.
> IPsec incapable hosts). The main problem here, of course, the
> required public key repository, if you don't want to
> have your keys in DNS records. And also, the expensive SA
What is wrong which just exchanging the keys for ad hoc mode? You could cache
them and log whenever a key has changed (at least allowing to detect a MITM
post facto). We're really looking for blanket rollout of a low-security
service which wouldn't stand a dedicated attacker yet would effectively
prevent large-scale screening of cleartext traffic as currently practised by
diverse TLAs.
You can always upgrade to higher paranoia layers (like web of trust, or
direct exchange of secrets), but right now the entire
traffic is open to sniffing and filtering at will. It's a disgrace.
> negotiation and the potential for DoS.
-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 0.97c removed an attachment of type application/pgp-signature]
More information about the cypherpunks-legacy
mailing list