Security Aspects of Tinc.
Guus Sliepen
guus at sliepen.eu.org
Tue Nov 25 23:35:07 CET 2003
On Tue, Nov 25, 2003 at 02:36:20PM -0600, Shashank Khanvilkar wrote:
> Does Tinc Support the following (I have marked the ans's that I
> think I know):
>
> 1. Confidentiality: Yes (Packets are encrypted)
Yes.
> 2. Data-integrity: Yes (using digest: SHA1)
Yes.
> 3. Authentication/Non-Repudiation (Both at the session and data-packet
> level): Yes
Authentication yes, Non-Repudiation no (identity of hosts is sent
plaintext).
> 4. Anti-Replay protection: ??
Yes (authenticated sequence numbers, sliding window).
> 5. Forward Secrecy: ??
No (if you can get a private RSA key of a host you can decrypt all
trafic from the past).
> 6. Does it have a user Space Impl: ??
Yes.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.eu.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20031125/edda1ac1/attachment.pgp
More information about the Tinc
mailing list