IPsec in 2.6
martin f krafft
madduck at madduck.net
Thu Oct 9 14:16:03 PDT 2003
also sprach Eugen Leitl <eugen at leitl.org> [2003.10.09.1931 +0200]:
> What is wrong which just exchanging the keys for ad hoc mode? You could
cache
> them and log whenever a key has changed (at least allowing to detect a MITM
> post facto).
... like SSH, huh?
> We're really looking for blanket rollout of a low-security
> service which wouldn't stand a dedicated attacker yet would effectively
> prevent large-scale screening of cleartext traffic as currently practised
by
> diverse TLAs.
I am all for it. This should be implementable in a cousin of
isakmpd, no?
PS: please don't CC me on mailing lists...
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
microsoft windoze - the best solitaire game you can buy.
[demime 0.97c removed an attachment of type application/pgp-signature]
More information about the cypherpunks-legacy
mailing list