Hi,

Interesting idea. I note you say that this might add 5-30 seconds to the access time for a given site and more for a web page with more than one TLS server cert needed.

Is that something that could get quicker to the level where it'd be acceptable, do you think? I suspect those kinds of latency would be a killer for browsers or other applications using TLS. Or am I misreading it? (Even if I'm not and this'd have to be that slow, I think experimenting with it is worthwhile btw.)

Ta,
S.

On 09/16/2013 09:49 PM, Kai Engert wrote:
> I've started yet another project to solve "the right key" problem.
>
> DetecTor is an open source project to implement client side SSL/TLS MITM
> detection, compromised CA detection and server impersonation detection,
> by making use of the Tor network.
>
> In short, make use of the existing Tor network, perform multiple
> connections to the destination server through multiple routes, check for
> consistency in the use of certificates, and either fail or proceed
> automatically, without user interaction.
>
> The detailed description of the idea, including suggestions for the
> handling of edge cases, can be found at http://detector.io/
>
> Looking forward to your feedback.
>
> Regards
> Kai
>
>
> _______________________________________________
> therightkey mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/therightkey
