On Monday 24 October 2011, Jason Grout wrote: > Over on the zeromq mailing list, there was a post about running zeromq > through tcpcrypt [1]. This seems like a good idea for our single-cell > server, which uses zeromq to communicate between server and workers. It > also seems like it might be nice to support it for sagenb.org, etc. > > My question is: those of you that know more about protocols and > security---what do you think of tcpcrypt? Is it well-respected? Is it > worth trying to set it up?
Hi, Jason asked me off list to jump in because I work in crypto. Btw. I am actually don't work in network security so I am not really an expert on the matter. But for what it's worth, I have never heard of the protocol. I took a quick look at the website and there are serious people behind the tcpcrypt (on the "about us" website). However, from the website it seems, tcpcrypt doesn't guarantee privacy in the default setting except against passive attackers, i.e. those which can only listen but not control traffic on the network. But if there is a shared secret such as a password, it can optionally use authentication. Cheers, Martin -- name: Martin Albrecht _pgp: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x8EF0DC99 _otr: 47F43D1A 5D68C36F 468BAEBA 640E8856 D7951CCF _www: http://martinralbrecht.wordpress.com/ _jab: martinralbre...@jabber.ccc.de -- To post to this group, send an email to sage-devel@googlegroups.com To unsubscribe from this group, send an email to sage-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-devel URL: http://www.sagemath.org
