On 25 Okt., 18:02, Martin Albrecht <martinralbre...@googlemail.com>
wrote:
> On Tuesday 25 October 2011, Jason Grout wrote:
> > On 10/25/11 10:40 AM, Martin Albrecht wrote:
> > > However, from the website it seems, tcpcrypt doesn't guarantee privacy in
> > > the default setting except against passive attackers, i.e. those which
> > > can only listen but not control traffic on the network. But if there is
> > > a shared secret such as a password, it can optionally use
> > > authentication.
>
> > I'll file tcpcrypt in my "interesting; let's see where it goes" list.
>
> I asked a colleague and it seems the general consensus seems to be that the
> design is solid. They also had a USENIX paper, which would also imply a
> certain quality. However, you'll have to decide whether the "opportunistic
> encryption" is sufficient for you or check how hard it is to integrate it into
> the authentication mechanisms already in place.

Well, it seems tcpcrypt it mainly targeted at different use cases.

My knowledge of the Sage notebook and its communication is next to
nothing, but I think it is rather unlikely that the network between
the notebook server (the "front end") and its "workers" is insecure,
or subject to sniffing (by "unauthorized" people).

Without shared secrets or authentication tcpcrypt would probably be of
almost no value for the notebook.  You'd also have to define what data
you consider confidential, and what kind of attacks you want to
prevent.


2ct,

-leif

-- 
To post to this group, send an email to sage-devel@googlegroups.com
To unsubscribe from this group, send an email to 
sage-devel+unsubscr...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/sage-devel
URL: http://www.sagemath.org

Reply via email to