[prev in list] [next in list] [prev in thread] [next in thread]
List: e-lang
Subject: Re: [e-lang] E language over I2P
From: Sam Mason <sam () samason ! me ! uk>
Date: 2008-02-29 16:20:05
Message-ID: 20080229162004.GO1653 () frubble ! xen ! chris-lamb ! co ! uk
[Download RAW message or body]
On Fri, Feb 29, 2008 at 10:52:16AM -0500, Kevin Reid wrote:
> Our plan is to rewrite CapTP and VatTP in E, and replace the
> encrypted-channel aspect of VatTP with TLS. I am currently working on
> this.
>
> My implementation will include the feature that CapTP can use
> multiple secure transports (besides VatTP); the particular use case
> of this is so that vats running on the same OS can communicate over
> anonymous streams (probably unix-domain sockets on unixoids, ??? on
> Windows) without unnecessarily using encryption.
I'm not sure if this will affect you, but there was recently a bug
reported[1] in PostgreSQL with the conclusion being that TLS should
be used for local communication as well as remote (to know who you're
actually talking to), and using a null cipher for the actual local data
transfer for performance reasons.
I think the attack may well be specific to the way that PG uses domain
sockets, but I thought it wouldn't hurt to bring it up.
Sam
[1] http://archives.postgresql.org/pgsql-hackers/2007-12/msg00826.php
_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic