> And once we're requiring both sides of the communication to install > extra software, we might as well just have both sides just support SSL > and be done with it.
Tor [exit nodes] can always attempt to initiate opportunistic IPSEC. You might be surprised how many servers out there do run IKE, whether intentional or not. Tor could reference docs as to turning it on when configuring exit nodes... It's not just HTTP[s] that needs it, but pop, imap, etc. SSL on certain ports, yes, sure. But IKE/IPSEC covering everything, and the PKI aspect of SSL where warranted, now that's swell. *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
