[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Notes from Conversation with Roger

To: mixminion-dev@freehaven.NET
Subject: Re: Notes from Conversation with Roger
From: Zooko <zooko@zooko.com>
Date: Thu, 21 Mar 2002 09:43:56 -0800
Delivered-To: archiver@seul.org
Delivered-To: mixminion-dev-outgoing@seul.org
Delivered-To: mixminion-dev@seul.org
Delivery-Date: Thu, 21 Mar 2002 12:45:33 -0500
In-Reply-To: Message from George Danezis <gd@theory.lcs.mit.edu> of "Thu, 21 Mar 2002 12:00:51 EST." <Pine.LNX.4.44.0203211127240.14939-100000@blackbird.lcs.mit.edu>
References: <Pine.LNX.4.44.0203211127240.14939-100000@blackbird.lcs.mit.edu>
Reply-To: mixminion-dev@freehaven.net
Sender: owner-mixminion-dev@freehaven.net

 George Danezis <gd@theory.lcs.mit.edu> wrote:
>
> Questions:
> - How easy it is to hack OpenSSL to add a new record type, and define how 
> it should be processed? (nick?) Are there any hooks to the library that 
> would allow us to do this without getting our hands dirty?
> - Can we hack it cleanly without modifying any of the standardized parts 
> (I guess this is a question for me!)

I don't know the answer to this question.  I'm willing to figure it out if need 
be.

> - How do people feel about the above choice between custom made vs. SSL? 
> (no commitment - just feeling)

I think I prefer custom.  By the way, we did a custom encryption protocol for 
Mojo Nation, which is still present in EGTP.

To me the primary advantage of TLS is that it is standardized and implemented.  
If we have to tweak it then we lose this advantage and run afoul of one of its 
disadvantages: that it is more complex than we need.

Another disadvantage of TLS is that it needs interactive sessions which means it 
can't easily be layered on top of non-connectiony substrates like HTTP, EGTP, or 
e-mail.

Such layering would be useful, for example, to bypass national firewalls such 
as those employed by many Asian and Arab nations, not to mention corporate 
firewalls.

This doesn't matter at first since we're just using TCP, so I'm willing to 
ignore the issue for now.  Thus I end up with a lukewarm vote: I think I'd 
prefer a custom protocol which could be simpler and more directed at the 
anonymity goals.

Regards,

Zooko

---
                 zooko.com
Security and Distributed Systems Engineering
---

References:
- Re: Notes from Conversation with Roger
  - From: George Danezis <gd@theory.lcs.mit.edu>

Prev by Date: modularization and some comments (was: Notes from Conversation with Roger)
Next by Date: Re: modularization and some comments (was: Notes from Conversationwith Roger)
Prev by thread: Re: Notes from Conversation with Roger
Next by thread: modularization and some comments (was: Notes from Conversation with Roger)
Index(es):
- Date
- Thread