Stronghold, revisited

Greg Broiles gbroiles at gmail.com
Sun Jul 28 21:54:28 PDT 2013


On Sun, Jul 28, 2013 at 2:16 PM, tz <thomas at mich.com> wrote:

> For those who are too young to remember, during the "crypto is munitions"
> period where the source to strong crypto needed to be sent via FAX,
> Stronghold was a proxy that would take ordinary sessions (or I assume 40
> bit - yes, 40 bit, that was "export" strength) crypto on the browser end
> and transform it to the maximum strength on the remote end.


That was C2Net's SafePassage product, Stronghold was an Apache-based
webserver capable of strong crypto SSL.

That seems like a nice idea for today - get a router running DD-WRT or a
Raspberry Pi or similar to proxy all SSL connections and enforce the use of
PFS, watch for CA hijinks, and otherwise make a hard shell around the soft
Windows computers at the center. See, e.g.,
http://translate.google.com/translate?hl=en&sl=de&tl=en&u=http%3A%2F%2Fwww.heise.de%2Fct%2Fartikel%2FMicrosofts-Hintertuer-1921730.html

-- 
Greg Broiles
gbroiles at gmail.com (Lists only. Not for confidential communications.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1692 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20130728/eddf9910/attachment-0001.txt>


More information about the cypherpunks mailing list