
[freehaven-cvs] Mention TLS in the protocol section.



Update of /home2/freehaven/cvsroot/doc/pynchon-gate
In directory moria.mit.edu:/tmp/cvs-serv21658

Modified Files:
	pynchon.tex pynchon.bib 
Log Message:
Mention TLS in the protocol section.


Index: pynchon.tex
===================================================================
RCS file: /home2/freehaven/cvsroot/doc/pynchon-gate/pynchon.tex,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -d -r1.23 -r1.24
--- pynchon.tex	16 Sep 2004 19:44:01 -0000	1.23
+++ pynchon.tex	16 Sep 2004 20:01:45 -0000	1.24
@@ -453,6 +453,15 @@
 process is repeated until the hash tree is traversed to a leaf node, which
 will contain the desired message or messages.
 
+To prevent man-in-the-middle attacks, TLS is used as the protocol's
+transport layer~\cite{rfc-2249}. Users negotiate a TLS connection with a
+given distributor, and then relay PIR messages as described. The
+connection is authenticated using a certificate in a two-level certificate
+chain. The top-level certificate is a self-signed long-term certificate
+for the distributor. The second-level certificate is used to authenticate
+the distributor and establish the TLS session for the PIR protocol, and
+should be rotated regularly to provide forward secrecy.
+
 In order to protect against usage pattern attacks, the size of the
 response to all message requests for an individual client must be a fixed
 size. If the number of messages contained in the system is too great to
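
Review bot: The citation key in the added paragraph, \cite{rfc-2249}, does not match the entry this same commit adds to pynchon.bib, which is keyed rfc-2246, so the reference will come out undefined; change it to \cite{rfc-2246}. Separately, the closing sentence says the second-level certificate "should be rotated regularly to provide forward secrecy" without stating a rotation interval or what is done with the retired private key; a sentence on both would make the claim checkable.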

Index: pynchon.bib
===================================================================
RCS file: /home2/freehaven/cvsroot/doc/pynchon-gate/pynchon.bib,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -d -r1.12 -r1.13
--- pynchon.bib	16 Sep 2004 18:29:38 -0000	1.12
+++ pynchon.bib	16 Sep 2004 20:01:45 -0000	1.13
@@ -153,6 +153,7 @@
   year = {2004}, 
   month = {October}, 
   address = {Washington, DC, USA}, 
+}
 
 @inproceedings{nym-alias-net,
   title = {{The Design, Implementation and Operation of an Email Pseudonym Server}}, 
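
Review bot: The lone `}` added after the address field closes an entry that was left unterminated, which is a separate fix from the TLS change named in the log message. Mention the BibTeX repair in the log message, or commit it on its own, so the history explains why this line changed.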
@@ -454,6 +455,16 @@
   note = {\url{http://www.abditum.com/mixmaster-spec.txt}},
 }
 
+@misc{rfc-2246,
+  title = {{The TLS Protocol}},
+  author = {T. Dierks and C. Allen},
+  year = {1999},
+  month = {January},
+  organization = {Internet Engineering Task Force},
+  howpublished = {Request for Comments: 2246},
+  www_txt_url = {http://www.ietf.org/rfc/rfc2246.txt},
+}
+
 @misc{rfc-2779,
   title = {{Instant Messaging / Presence Protocol Requirements}},
   author = {M. Day and S. Aggarwal and G. Mohr and J. Vincent},
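
Review bot: The new rfc-2246 entry stores its link in www_txt_url, while the entry just above it in this hunk carries its link as note = {\url{...}}. Standard BibTeX styles ignore fields they do not know, so unless the paper's style handles www_txt_url the RFC link will not appear in the reference list; adding a note = {\url{http://www.ietf.org/rfc/rfc2246.txt}} line would match the neighbouring entry.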
