[Freedombox-discuss] Announcing Santiago Release Candidate 1

The Doctor drwho at virtadpt.net
Wed May 23 14:58:29 UTC 2012

Hash: SHA1

On 05/22/2012 12:26 PM, Michael Rogers wrote:

> Looking briefly at the Monkeysphere proposal mentioned earlier in
> this thread, there appear to be some fields that could be used to 
> distinguish Monkeysphere-based handshakes from other handshakes:

Is that before or after an SSL or TLS connection is negotiated?

> * A new signature type is used, NullSignatureUseOpenPGP. * The
> signature type's object ID comes from an ID space allocated to the
> Monkeysphere project. * The signature consists of the ASCII bytes
> "use OpenPGP".

In this case yes, these could be used to detect certificate exchange.
 Exchanging over an unauthenticated crypto channel is probably not a
good idea.

> https://lists.riseup.net/www/arc/monkeysphere/2011-03/msg00027.html

the thread...  thanks for the link, it was very helpful.

> As I said before, this isn't necessarily a problem - it just
> raises the question of whether it's a design goal for the
> FreedomBox's traffic to be hard to distinguish from other traffic.

If it was, it would make it more difficult to detect and censor
FreedomBox traffic.  If it wasn't that would be a risk that would be
implicitly accepted, and possibly need to be dealt with later.

- -- 
The Doctor [412/724/301/703] [ZS]

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

Self-modifying code: Just because you can doesn't mean that you should.

Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the Freedombox-discuss mailing list