On Fri, Aug 25, 2000 at 07:04:15PM -0500, MJR wrote:
> Oskar Sandberg wrote:
>
> > Mailing lists are not a good place for files. The web is a good
> > place. Freenet is an even better place :-).
>
> Oops! My bad. I thought Ian said smallish files were OK a while back.
> Depends if you mean cable modem small or cell-phone slow, I guess.

There are so many free places to dump files on the net, it's just unnecessary to post them to a discussion list.

> > While that is, unfortunately, very much not true when it comes to
> > security, this doesn't sound wrong.
>
> I was probably being unclear. The problems would emerge in the
> encryption process. Decryption is pretty hard to do wrong, right?
>
> I was sure I messed it up somehow.

There's always a chance, of course. What I was saying was that just because something works as expected doesn't mean it's secure. Especially when one starts inventing one's own modes and stuff, it's easy to fuck up the security without knowing it ("This letter is really, really, secret, so I OTP encrypted it... twice!").

> > If you want to be paranoid about those things, remember to call the
> > clients with "-safer yes".
>
> Maybe this would be useful. Files could be encrypted to disk with a
> password, and only decrypted when you actually need them. I don't know,
> is there really a demand for this kind of thing?

The safer option simply causes the temporary files to be encrypted with a random key that is only kept in memory. The CLI clients do not worry about the security of SVK/SSK private keys, that is a whole different issue.

I added a version option (-version yes) that displays the node, protocol, and client versions.

> How about steganography?

No.

> > I'm sure we can convince Scott to write some code so it doesn't have to be
> > this complicated. Meanwhile remember to use "-htl 1" on these so they will
> > be fast.
>
> HTL 1? Wow. I thought it wouldn't propagate then. Sure shows my
> understanding of the protocol.

HTL 1 means it only reaches one node - why would you want random data to propagate further?

> > That file is borked from here.
>
> You removed the period at the end, right? My box was down for a few
> hours a couple times, though.
>
> Alright, I just updated the code. Subspaces insert with htl=1, random
> numbers are properly seeded with time(0), the new client names are used,
> stdout and stderr are disconnected, and there's still a horrible kludge
> involving a fork() where threads should be used and the related
> problems.

Since you're Unix only anyways, you should use /dev/(u)random for the random numbers.

Any plans on getting other keytypes working (CHK, SSK)? That seems like the easy part to me.

--
\oskar
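
The time(0) versus /dev/(u)random point from the message above, as an added example that is not part of the original thread or of the client's code: a key derived from srand(time(0)) can be reproduced by anyone who knows roughly when the program ran, while bytes read from /dev/urandom cannot. The function names, the 16-byte key length and the sample timestamp are assumptions made for illustration.

```c
/* Added example, not the client's code. All names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define KEY_LEN 16

/* Weak: every key byte is fully determined by the seed (a timestamp). */
void key_from_seed(unsigned int seed, unsigned char *key, size_t n) {
    srand(seed);
    for (size_t i = 0; i < n; i++)
        key[i] = (unsigned char)(rand() & 0xff);
}

/* Suggested fix on Unix: read key bytes from the kernel. 0 on success. */
int key_from_urandom(unsigned char *key, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(key, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1;
}

/* Count timestamps in [start, start + window) whose seed reproduces `key`.
   Nonzero means the key holds no more entropy than the clock reading. */
int seeds_reproducing(const unsigned char *key, size_t n,
                      time_t start, unsigned window) {
    unsigned char trial[KEY_LEN];
    int hits = 0;
    if (n > KEY_LEN) return -1;
    for (unsigned i = 0; i < window; i++) {
        key_from_seed((unsigned int)(start + i), trial, n);
        if (memcmp(trial, key, n) == 0) hits++;
    }
    return hits;
}

int main(void) {
    unsigned char a[KEY_LEN], b[KEY_LEN], c[KEY_LEN];
    time_t now = time(0);
    key_from_seed((unsigned int)now, a, KEY_LEN); /* one client */
    key_from_seed((unsigned int)now, b, KEY_LEN); /* another, same second */
    printf("same-second keys identical: %d\n", memcmp(a, b, KEY_LEN) == 0);
    printf("seeds in the last hour matching the key: %d\n",
           seeds_reproducing(a, KEY_LEN, now - 3599, 3600));
    if (key_from_urandom(c, KEY_LEN) == 0)
        printf("seeds matching the urandom key: %d\n",
               seeds_reproducing(c, KEY_LEN, now - 3599, 3600));
    return 0;
}
```
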