-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/22/2012 12:26 PM, Michael Rogers wrote:
> Looking briefly at the Monkeysphere proposal mentioned earlier in > this thread, there appear to be some fields that could be used to > distinguish Monkeysphere-based handshakes from other handshakes: Is that before or after an SSL or TLS connection is negotiated? > * A new signature type is used, NullSignatureUseOpenPGP. * The > signature type's object ID comes from an ID space allocated to the > Monkeysphere project. * The signature consists of the ASCII bytes > "use OpenPGP". In this case yes, these could be used to detect certificate exchange. Exchanging over an unauthenticated crypto channel is probably not a good idea. > https://lists.riseup.net/www/arc/monkeysphere/2011-03/msg00027.html Reading > the thread... thanks for the link, it was very helpful. > As I said before, this isn't necessarily a problem - it just > raises the question of whether it's a design goal for the > FreedomBox's traffic to be hard to distinguish from other traffic. If it was, it would make it more difficult to detect and censor FreedomBox traffic. If it wasn't that would be a risk that would be implicitly accepted, and possibly need to be dealt with later. - -- The Doctor [412/724/301/703] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ Self-modifying code: Just because you can doesn't mean that you should. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+8+xUACgkQO9j/K4B7F8EXlACdHovuOYPQhYJkpOOzBlFFkN5D QFAAoJJA+nWMqUSrS/hUSbWm2NzEW6p1 =7iK5 -----END PGP SIGNATURE----- _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
