Mattias Bergsten wrote:
Even if you lose your private key, the data transfered up to that point
should not be compromised. This is what PFS is. An example of a protocol
using PFS is IPSEC, using the Diffie-Hellman key-exchange in it's OAKLEY
(RFC 2412) protocol.
Oh, so
_that's_ what the 30 year old Diffie-Hellman algo is for... Well,
it sure sounds reasonable. So then, what about RSA -> Diffie-Hellman ->
AES(or other negotiated symmetric key)? Or simply skip the RSA part? I
don't have any experience with RSA in OpenSSL, I'm not sure it'll
generate everything for you (d, e, n etc), and this would be very nice
not to have to do yourself.
And as I said, the private keys can easily be protected anyway. AES them
with a password for instance. But maybe this is only reasonable on hubs
that rarely restart.
If they can separate it, they can shape or block it. We're not just
aiming for privacy here - a huge part of the purpose is to make it
harder for ISPs to block DC, by saying, for example, "OK, we've just
made DC look exactly like HTTPS or IPSEC traffic. Now it's up to you -
block or shape all traffic that looks like this, or accept the fact and
move on."
Well, to make it totally transparent as to just being unrecognizable
traffic is impossible. Even if the hand-shake is extremely like HTTPS
the continuous traffic is still the same. Trying too much to make it
unrecognizable isn't worth it I think.
Nothing says you have to use X.509 just because you want to use SSL,
although it's much easier that way. :)
Also, you don't have to interpret that field in the certificate as a
host name if you don't want to - use it to store the CID instead?
Hmm, well yeah. Using the fields they way we feel is pleasing, well...
Is it okey if I still just don't like certificates at all?
;)
And btw Df_Offset, ciphers like blowfish might be fast but comes with a
draw-back in my opinion. It's by far too complex. In the competition for
being
_the_ AES algorithm, most people didn't understand blowfish, they
simply didn't get the code, and the authors being open source 'hackers'
had problems mathematically proving its concept. The same applies for
any 'difficult' algorithm, even Rijndael being very algebraic. The more
difficult it gets to understand the more dangerous it is for future
flaws found by geniuses that actually understand it thoroughly.
Opera