tincd.exe -K (sorry if present twice)

Guus Sliepen guus at sliepen.eu.org
Tue May 4 23:44:34 CEST 2004


On Tue, May 04, 2004 at 10:43:05PM +0200, Axel Christiansen wrote:

> >Could you tell us why you're dynamically exchanging public keys?
[...]
> After analysis of a dozen open source VPN solutions, tinc is best for
> this and runs on many platforms. When the user has authenticated itself,
> the tinc gui sends its just created pub key and gets the pub key from
> the other side (config server) together with the IP parameter. Then the files
> get written and the tincd service gets started.

If this is done via a secure protocol like HTTPS, then this is fine, and
no extra steps have to be taken.

> I understand, I must do something about the parameter exchange
> integrity.
> 
> Would this be sufficient? :
> 
> A pool of PGP keys. The public part of the keys is static in
> the client software.

If you do that, you (and/or the client) have to make sure that the
client software has not been altered when the client receives it,
otherwise an attacker could replace the keys with its own and set up a
man-in-the-middle attack.

[...]
> This is some kind of 3 party key exchange. I just do not have the
> knowledge to do x509. Using gnupg sounds clearer to me.

It doesn't really matter how you do it, but keep in mind that the client
(I mean a human here) must be able to verify that it got the server's
key, and a human on the server side must be able to verify that it got
the client's key. HTTPS is good for this, the client can verify the
server's SSL certificate when logging in to the secure website, and the
server can verify the password the client provides. GnuPG is good, but
only if you use keys that have been personally verified and signed by
both sides. Same goes for X.509. If one or both sides can't verify that
they really got the key from the other one, you have a security hole,
and then most of the rest you're doing is pointless.

-- 
Met vriendelijke groet / with kind regards,
    Guus Sliepen <guus at sliepen.eu.org>
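The HTTPS variant of the exchange endorsed above, as an added example that is neither tinc's code nor the poster's GUI: a Go program that runs both sides in one process. The config server checks the user's password, records the client's freshly generated RSA public key, and replies with its own tinc host file (an Address line plus the public key, in the PKCS#1 "RSA PUBLIC KEY" form that tinc 1.0 host files use). The client trusts only a pinned certificate (here the httptest server's own, via ts.Client()), so a man-in-the-middle presenting any other certificate is rejected before a key changes hands; a second run without pinning and a third with a wrong password show both rejections. The user name, password, host name, Subnet and the 8 KiB body limit are made-up values for the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

const demoUser, demoPass = "axel", "correct horse battery" // hypothetical credentials
func pubPEM(k *rsa.PublicKey) string {                       // PKCS#1 "RSA PUBLIC KEY", as tinc 1.0 host files carry it
	return string(pem.EncodeToMemory(&pem.Block{Type: "RSA PUBLIC KEY", Bytes: x509.MarshalPKCS1PublicKey(k)}))
}

func parsePubPEM(text []byte) (*rsa.PublicKey, error) { // pem.Decode skips leading host-file lines
	blk, _ := pem.Decode(text)
	if blk == nil || blk.Type != "RSA PUBLIC KEY" {
		return nil, fmt.Errorf("no RSA PUBLIC KEY block found")
	}
	return x509.ParsePKCS1PublicKey(blk.Bytes)
}

// configServer is the third party: it owns the server's tinc key and records client keys.
type configServer struct {
	hostKey    *rsa.PrivateKey
	clientKeys map[string]*rsa.PublicKey
}

func (s *configServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	// The password is how the server side verifies that the key really comes from this user.
	user, pass, ok := r.BasicAuth()
	if !ok || user != demoUser || pass != demoPass {
		http.Error(w, "unauthorized", http.StatusUnauthorized)
		return
	}
	body, _ := io.ReadAll(io.LimitReader(r.Body, 8192)) // a short or empty body fails to parse
	pub, err := parsePubPEM(body)
	if err != nil {
		http.Error(w, "bad client key", http.StatusBadRequest)
		return
	}
	s.clientKeys[user] = pub
	// Reply with a host file the client can write to hosts/<server> unchanged.
	fmt.Fprintf(w, "Address = vpn.example.net\nSubnet = 10.0.0.1/32\n\n%s", pubPEM(&s.hostKey.PublicKey))
}

// enrol is the client half: post the new key, return the server's host file and the key in it.
func enrol(url string, client *http.Client, user, pass string, key *rsa.PrivateKey) (string, *rsa.PublicKey, error) {
	req, err := http.NewRequest(http.MethodPost, url, strings.NewReader(pubPEM(&key.PublicKey)))
	if err != nil {
		return "", nil, err
	}
	req.SetBasicAuth(user, pass)
	resp, err := client.Do(req) // a certificate the pinned CA did not sign fails here, before any key moves
	if err != nil {
		return "", nil, err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return "", nil, fmt.Errorf("server refused: %s", resp.Status)
	}
	hostFile, _ := io.ReadAll(io.LimitReader(resp.Body, 8192))
	pub, err := parsePubPEM(hostFile) // validate before writing anything to disk
	return string(hostFile), pub, err
}
func mustKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}
// runDemo runs the exchange pinned with the right password (should succeed), unpinned, and with a wrong password.
func runDemo() (pinned, serverKeyOK, clientKeyOK, unpinned, wrongPass bool) {
	srv := &configServer{hostKey: mustKey(), clientKeys: map[string]*rsa.PublicKey{}}
	clientKey := mustKey()
	ts := httptest.NewTLSServer(srv) // self-signed certificate, not in the system roots
	defer ts.Close()
	// ts.Client() trusts only ts's own certificate; it stands in for a pinned CA.
	hostFile, got, err := enrol(ts.URL, ts.Client(), demoUser, demoPass, clientKey)
	pinned = err == nil
	serverKeyOK = pinned && strings.HasPrefix(hostFile, "Address = ") && got.N.Cmp(srv.hostKey.N) == 0
	clientKeyOK = srv.clientKeys[demoUser] != nil && srv.clientKeys[demoUser].N.Cmp(clientKey.N) == 0
	// With only the system roots, this certificate (or a man-in-the-middle's) is rejected outright.
	_, _, err = enrol(ts.URL, &http.Client{}, demoUser, demoPass, clientKey)
	unpinned = err == nil
	_, _, err = enrol(ts.URL, ts.Client(), demoUser, "guess", clientKey) // wrong password: 401
	wrongPass = err == nil
	return
}

func main() {
	fmt.Println(runDemo())
}
```

Running it prints five booleans: true true true false false. The point the reply makes is visible in the second run: with no pinned certificate the client has no way to tell the config server from an impostor, and in that case nothing the rest of the setup does about the keys matters.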