[Freedombox-discuss] Hosting public services (was: Re: Bootstrapping a Freedombox contact list)
Sandy Harris
sandyinchina at gmail.com
Mon Dec 23 15:06:39 UTC 2013
Anders Jackson <anders.jackson at gmail.com> wrote:
> Yes? Traffic in Tor isn't encrypted, it is annonymized. So you still
> need encryption when using Tor.
Tor does encrypt everything within its network.
>> A small nitpick to check my understanding: even if you use Tor on IPSec,
>> it is possible to send traffic that will be unencrypted at the exit
>> nodes. So your anonymity is assured, but not your secrecy.
Correct.
> No, it isn't. IPSec is encryption end to end.
Not necessarily. See:
http://www.freeswan.org/freeswan_trees/freeswan-1.97/doc/ipsec.html#limitations
In general IPsec is gateway-to-gateway; the basic design is for
linking two networks by building an encrypted tunnel between
their two firewalls.
It is possible to create an end-to-end connection with IPsec, in
the sense of machine-to-machine but not in the sense of
user-to-user as in PGP email or user to app like an SSH login.
More information about the Freedombox-discuss
mailing list