[Freedombox-discuss] BTNS on Freedombox

Eugen Leitl eugen at leitl.org
Wed Jun 12 18:47:07 UTC 2013

On Wed, Jun 12, 2013 at 07:48:30PM +0200, Jonas Smedegaard wrote:
> Quoting Eugen Leitl (2013-06-12 17:46:54)
> > Do you see why IPv4/IPv6 BTNS wouldn't be a good out-of-the-box 
> > feature for the Freedombox?
> Uhm, could you please elaborate a bit on that?
> "Bitch That Need Slappin'" and "Toolbar Control and Button Styles" are 
> some of the options coming up when I try to figure out the meaning of that 
> acronym.

Oh, right. I always thought that acronym was rather unfortunate.

It's Better Than Nothing Security, http://tools.ietf.org/html/rfc5386
an opportunistic encryption IPsec mode that omits authentication,
and hence the whole PKI/DNS key publishing overhead.

The result is resistant to passive taps, but not active (MITM)
traffic tampering on the wire (which is great, since
the latter is expensive, and forces you to show your hand,
and hence is detectable in principle, which ups the
stakes in the game).

There are already some implementations, albeit labeled 
experimental. It could be a low-work way to make a lot of
traffic go dark, and annoy some professionals.
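
Added example (not part of the original post): a sketch of the property described above, using a plain unauthenticated Diffie-Hellman exchange as a stand-in for the BTNS key exchange. The toy group parameters, the function names and the out-of-band fingerprint comparison are assumptions for illustration; real IPsec negotiates keys through IKE with standard groups.

```python
import hashlib
import secrets

# Toy-size group, constructed for illustration (assumption): 2**127 - 1 is
# prime but far too small for real use.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for an ephemeral, unauthenticated exchange."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    """Derive a session key from our private value and the peer's public value."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def fingerprint(key):
    """Short key fingerprint the two endpoints could compare out of band."""
    return hashlib.sha256(b"fp" + key).hexdigest()[:16]

def exchange(relay=None):
    """Run one exchange; `relay` models what the wire does to each public value."""
    relay = relay or (lambda pub: pub)       # passive wire: values pass unchanged
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    k_a = session_key(a_priv, relay(b_pub))  # key endpoint A derives
    k_b = session_key(b_priv, relay(a_pub))  # key endpoint B derives
    return k_a, k_b

def active_relay():
    """On-path party that swaps in its own public value in both directions."""
    _, m_pub = keypair()
    return lambda pub: m_pub

def tampering_detected(k_a, k_b):
    """True when the endpoints' fingerprints disagree, i.e. keys were not shared."""
    return fingerprint(k_a) != fingerprint(k_b)

if __name__ == "__main__":
    # A passive tap sees only public values; both ends agree on one key.
    print("passive wire, mismatch:", tampering_detected(*exchange()))
    # With nothing authenticating the public values, substitution succeeds,
    # but the endpoints end up with different keys, which is what makes it detectable.
    print("active relay, mismatch:", tampering_detected(*exchange(active_relay())))
```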

