Some questions about SPTPS

Guus Sliepen guus at tinc-vpn.org
Thu Jul 17 22:24:34 CEST 2014


On Thu, Jul 17, 2014 at 07:51:25PM +0100, Etienne Dechamps wrote:

> Using StrictSubnets *and* strong ADD_SUBNET authentication still doesn't
> prevent a node in the middle from intercepting your communications, because
> you have to trust something at some point. For example the middle node could
> intercept and change the public keys that transit through it.
> 
> That said, I guess this works if you assume that two nodes that want to
> ensure security will exchange their public keys out-of-band in a secure
> manner to make sure middle nodes can't fiddle with them. Furthermore, it
> also implements an opportunistic "SSH-style" security model where it won't
> protect against tampering the first time you ask for a public key using the
> graph, but it will prevent any further attempt to tamper with it once a node
> has it saved (similar to how SSH host fingerprints work). Which is kinda
> cool, all things considered.

It's exactly as you say. You do need to trust something, and if you
don't pre-exchange keys tinc will do it once automatically. It never
allows a known public key to be changed without manual intervention.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140717/7f43f2a6/attachment.sig>


More information about the tinc mailing list