"James A. Donald" <[EMAIL PROTECTED]> writes:
>> When tinc 2.0 will ever come out (unfortunately I don't have a lot of
>> time to work on it these days), it will probably use the GnuTLS library
>> and authenticate and connect daemons with TLS. For performance reasons,
>> you want to tunnel network packets via UDP instead of TCP, so hopefully
>> there is a working DTLS implementation as well then.
> I have been considering the problem of encrypted channels over UDP or
> IP.  TLS will not work for this, since it assumes and provides a
> reliable, and therefore non-timely channel, whereas what one wishes to
> provide is a channel where timeliness may be required at the expense
> of reliability.

DTLS does not assume a reliable channel -- it is designed for
applications that use UDP. Perhaps you are not familiar with it.

> I have figured out a solution, which I may post here if you are interested.

With respect, James, I think they'd be better off using DTLS. It was
designed by experts and it shares the same security properties as TLS.

Perry E. Metzger                [EMAIL PROTECTED]

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
