-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 scar wrote: > F. Fox @ 2008/06/26 02:39: >> 7v5w7go9ub0o wrote: >> (snip) >>> This actually creates another question (not to be argumentative :-) ). >>> Given that there is no exit node, would an OnionCat to OnionCat >>> connection over TOR need to be encrypted? Is it plain-text anywhere >>> along the line? >> (snip) > >> No, it wouldn't need extra encryption - a hidden-service connection has >> end-to-end encryption by its very nature. > > > unless the nodes in the circuit were all using compromised ssh keys due > to that recent debian bug, or other unknown future bugs. in this case, > extra encryption might be the saving grace. > >
True enough - the only downside to extra layers of encryption, is the computational burden; with modern machines, it can't help to provide "your own" layer. =:oD - -- F. Fox AAS, CompTIA A+/Network+/Security+ Owner of Tor node "kitsune" http://fenrisfox.livejournal.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSGM9iuj8TXmm2ggwAQihtg//UUYm5UFd7TgdZI9Dy5tFojl2O6Oq+KMU mqkacWx8rGaUohYuEVjBNr+05ih9bkJ2jLm2VyPRDrV6M0hoRikBFgxvnbgMr7a0 VMZFFxFkPkuUJNkmJSTdu45Y2bg5aQMPdjzH3jCcxkZ4sDMrDpzQS3BaLSJzQ5MB 5U/Uh26hFhYGmgOT+yW9b/UB17XBXDxyEo5y6fFKslicXGo8iLKA829x6/OZIyyi kmuJ4hW3+eyR+MDZf4Asz2I4VracWqfw1atcswIKziAFh3MmbVBHVtn+l7siWbtB JPuCb3jzyA+HEzg4oKyend2UfyrzToiUb+mp/UbNeJWExnbRoRBTffi6AjjWxcQj 0qGi4QdVOYnpYScjlUjLn9Ah4toTOKw/viHzARJ5dU3BlVMG8++G4v3x/I1APzJY aoLdlyhgs/7sC+X71selu2xxTglIetHZ3JECm6JhoSs1LIcFj3XQz9018q5N4vaI 0/H53s+MJEaXm2YhScEQC8D1bWm3PEK2dJuNxeG8dVVLqHhIs0/JpHvCCyF+bQHp dMNadSHgb/lRXeF/MdT+ueaoYZ7TjAKLvSmOIDuOlxT1BVUqlbbjaj62uIb5FnKg H7ioGhSvq99Mm8nQa4s3ZNy5RJ9E7EcbCFJ7F+RgZhfgsd7SBTeXBEkVTiKOEsb8 cEUz3p/jFOs= =Edtq -----END PGP SIGNATURE-----
