No subject


Tue Mar 1 03:45:00 UTC 2011


d once a connection is made it is bidirectional. If A initiates a connectio=
n to B , A can be sure he/she is talking to B but the opposite isnt true .S=
o if B has to sure he/she is indeed talking to A , he/she has to initiate a=
 connection to A. Which is what torchat does to authenticate both the parti=
es , even if OnionCat is being used the same has to be done to ensure both =
the people know who they are talking to. Am I right in my observation ?? <b=
r>
<br><div class=3D"gmail_quote">On Mon, Dec 20, 2010 at 12:57 PM, grarpamp <=
span dir=3D"ltr">&lt;<a href=3D"mailto:grarpamp at gmail.com">grarpamp at gmail.c=
om</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"marg=
in: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-l=
eft: 1ex;">
<div class=3D"im">&gt; During preliminary testing we purely relied on commu=
nicating the<br>
&gt; hidden services names (that map to OnionCat IPv6 addresses) in a<br>
&gt; properly authenticated manner.<br>
<br>
</div>OnionCat has no authentication between it and and the node it is<br>
running on and it&#39;s peers. It&#39;s somehwat possible though. There<br>
were some OC features being drafted to assist with this, though I do not<br=
>
know the current dev status on them. Till then, it&#39;s the honor system.<=
br>
<br>
On the big plus side, OC provides IPv6 function. Most you can<br>
do over native IPv6 can be do over OC over Tor (except maybe<br>
routing which need yet another layer).<br>
So you can do auth via ZRTP, ssh known-hosts, even IPSEC/IKE.<br>
So some good classes of bluffing are mooted by this I believe, no.<br>
If app has no built in and no IPSEC, then you are at risk for today.<br>
<div><div></div><div class=3D"h5">*****************************************=
******************************<br>
To unsubscribe, send an e-mail to <a href=3D"mailto:majordomo at torproject.or=
g">majordomo at torproject.org</a> with<br>
unsubscribe or-talk =A0 =A0in the body. <a href=3D"http://archives.seul.org=
/or/talk/" target=3D"_blank">http://archives.seul.org/or/talk/</a><br>
</div></div></blockquote></div><br>

--0023547c8989697bfd0497d3defd--
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list