Brandon <blanu at uts.cc.utexas.edu> wrote: > > solved by a full scale PK solution. I agree with Hal that it would be > > better to get simple encryption of node to node communication in there > > for now, because that is something we can realistically achieve. The > > node does not limit who it talks to right now anyways, so there is > > nothing to authenticate. > > I'm not talking about authenticate so much as encrypting the key exchange > so that man in the middle attacks don't work. You'd then have to be a man > in the middle who knows the public key for the system.
By "public key for the system" do you mean a single Freenet-wide public key? The man in the middle can just get that from CVS. =) If you mean a node-specific public key, that -is- authentication. theo _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
