On 25 Okt., 18:02, Martin Albrecht <martinralbre...@googlemail.com> wrote: > On Tuesday 25 October 2011, Jason Grout wrote: > > On 10/25/11 10:40 AM, Martin Albrecht wrote: > > > However, from the website it seems, tcpcrypt doesn't guarantee privacy in > > > the default setting except against passive attackers, i.e. those which > > > can only listen but not control traffic on the network. But if there is > > > a shared secret such as a password, it can optionally use > > > authentication. > > > I'll file tcpcrypt in my "interesting; let's see where it goes" list. > > I asked a colleague and it seems the general consensus seems to be that the > design is solid. They also had a USENIX paper, which would also imply a > certain quality. However, you'll have to decide whether the "opportunistic > encryption" is sufficient for you or check how hard it is to integrate it into > the authentication mechanisms already in place.
Well, it seems tcpcrypt it mainly targeted at different use cases. My knowledge of the Sage notebook and its communication is next to nothing, but I think it is rather unlikely that the network between the notebook server (the "front end") and its "workers" is insecure, or subject to sniffing (by "unauthorized" people). Without shared secrets or authentication tcpcrypt would probably be of almost no value for the notebook. You'd also have to define what data you consider confidential, and what kind of attacks you want to prevent. 2ct, -leif -- To post to this group, send an email to sage-devel@googlegroups.com To unsubscribe from this group, send an email to sage-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-devel URL: http://www.sagemath.org
