> During preliminary testing we purely relied on communicating the > hidden services names (that map to OnionCat IPv6 addresses) in a > properly authenticated manner.
OnionCat has no authentication between it and and the node it is running on and it's peers. It's somehwat possible though. There were some OC features being drafted to assist with this, though I do not know the current dev status on them. Till then, it's the honor system. On the big plus side, OC provides IPv6 function. Most you can do over native IPv6 can be do over OC over Tor (except maybe routing which need yet another layer). So you can do auth via ZRTP, ssh known-hosts, even IPSEC/IKE. So some good classes of bluffing are mooted by this I believe, no. If app has no built in and no IPSEC, then you are at risk for today. *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
