* David Sowder <[EMAIL PROTECTED]> [2007-10-31 13:17:36]: > David ???Bombe??? Roden wrote: > > On Wed, 2007-10-31 at 16:31 +0100, Florent Daignière wrote: > > > > > >> I don't... Keep in mind that FCP is insecure by design... > >> > > > > Now you're the second person reminding me of that. Please, PLEASE tell > > why an FCP client should be allowed to request illegal material but not > > to create a new key pair? Or sign a message with a previously generated > > key? > > > > I'm seriously wondering what people think I am suggesting here. Maybe > > you can elaborate on that. > > > > The node providing crypto funtionality via FCP could be very useful. As > for it being insecure, perhaps we could add support for FCP over SSL on > a separate port.
Link security is the obvious thing... DoSes are an other one. Generally speaking, the less services the node provides, the simpler the protocol is... The best it is for everyone. By the way sharing our RNG with clients is probably a bad idea (most crypto operations involve using some randomness) and we will have to expose it at some point if we want clients to do some useful stuffs. I still don't get why clients can't import our classes ... and do their own crypto with it (okay they are licencing issues... but we want everyone to use GPL, don't we ? :p) NextGen$
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
