Re: [Mixmaster-devel] Inter-remailer protocol
From: Adam L. <ag...@li...> - 2001-11-07 19:18:41
On Wed, Nov 07, 2001 at 10:32:39AM -0800, Scott Renfro wrote:
> key list using the certification verification hook in OpenSSL. I think
> we want ephemeral DH to get forward secrecy, though we may want to cache
> the EDH keys for short periods to reduce the key generation overhead.
> (I'm not sure that OpenSSL supports this nor if it resists small
> subgroup attacks when reusing DH keys.)

I would much prefer we use our own crypto protocol, not SSL:

* SSL is large and complex and several protocols (like HTTP) have had to
  be shoehorned into it (HTTPS is not at all clean)
* Against security principles, namely KISS (Keep it simple, stupid)
* Limits our ability to do what we want

The main advantage of OpenSSL is that we don't have to implement the code.
Well, implementing all that we need is not hard - and we can even use the
functions from OpenSSL.

> Perhaps support for the inter-remailer protocol and support for SMTP
> should be listed as capabilities. This would drive the logic of when
> to try each.

Possibly. Though in order to keep it simple I would tend to say that we
don't need it. What do others think?

> Seems like we desire two-way authentication. The client mix wants to
> ensure that he's delivering messages to the right next hop and the
> server mix wants to only accept messages from known mixes (white-list).

I'd say we certainly need 2-way authentication.

> (What are our requirements/goals, anyway? Have we attempted to list
> them?)

No, we haven't. Len sent the following to me (I suspect he meant to reply
to the list)

--start--
Hey -- I think we're getting ahead of ourselves. First we need to detail
the requirements of the inter-remailer protocol, including the parts that
have been done already.
----end--

For everyone with procmail:

:0
* List-Id: .*mixmaster-devel.lists.sourceforge.net.*
| formail -i "Reply-To: mix...@li..." >> /home/agl/mail/mixmaster

(remembering to replace /home/agl with something else)

AGL

-- 
When will people realise that we don't care for their damn stupid laws? We
can handle ourselves, thank you very much.
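
The quoted concern about caching ephemeral DH keys and small subgroup attacks comes down to two checks: validate every peer value before it touches the reused exponent, and bound how long that exponent lives. The sketch below is an added example, not code from this thread, Mixmaster or OpenSSL; the toy group (p = 23, q = 11, g = 2) is constructed, and the names `validate_public` and `CachedEphemeralKey` are hypothetical.

```python
import secrets
import time

# Constructed toy group (far too small for real use): safe prime p = 2q + 1,
# with g = 2 generating the subgroup of prime order q.
P, Q, G = 23, 11, 2

class InvalidPublicValue(ValueError):
    pass

def validate_public(y, p=P, q=Q):
    """Accept a peer's DH value only if it lies in the order-q subgroup."""
    if not isinstance(y, int) or not 2 <= y <= p - 2:
        raise InvalidPublicValue("out of range (covers 0, 1 and p-1)")
    if pow(y, q, p) != 1:
        raise InvalidPublicValue("not in the prime-order subgroup")
    return y

class CachedEphemeralKey:
    """Ephemeral DH key that is reused for at most `ttl` seconds."""

    def __init__(self, ttl=60.0, clock=time.monotonic):
        self.ttl, self.clock, self.generation = ttl, clock, 0
        self._rotate()

    def _rotate(self):
        self._x = secrets.randbelow(Q - 1) + 1  # private exponent in [1, q-1]
        self._public = pow(G, self._x, P)
        self._born = self.clock()
        self.generation += 1

    def public_value(self):
        """Call at the start of each handshake; replaces an expired key."""
        if self.clock() - self._born >= self.ttl:
            self._rotate()  # the old exponent is dropped, limiting exposure
        return self._public

    def agree(self, peer_public):
        # Validation runs on every handshake, since the exponent is shared
        # across all handshakes within the cache window.
        return pow(validate_public(peer_public), self._x, P)
```

Forward secrecy here extends only as far back as the last rotation, so the `ttl` is the window of sessions exposed if a cached exponent is compromised.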