Some questions about SPTPS
Guus Sliepen
guus at tinc-vpn.org
Thu Jul 17 22:24:34 CEST 2014
On Thu, Jul 17, 2014 at 07:51:25PM +0100, Etienne Dechamps wrote:
> Using StrictSubnets *and* strong ADD_SUBNET authentication still doesn't
> prevent a node in the middle from intercepting your communications, because
> you have to trust something at some point. For example the middle node could
> intercept and change the public keys that transit through it.
>
> That said, I guess this works if you assume that two nodes that want to
> ensure security will exchange their public keys out-of-band in a secure
> manner to make sure middle nodes can't fiddle with them. Furthermore, it
> also implements an opportunistic "SSH-style" security model where it won't
> protect against tampering the first time you ask for a public key using the
> graph, but it will prevent any further attempt to tamper with it once a node
> has it saved (similar to how SSH host fingerprints work). Which is kinda
> cool, all things considered.
It's exactly as you say. You do need to trust something, and if you
don't pre-exchange keys tinc will do it once automatically. It never
allows a known public key to be changed without manual intervention.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140717/7f43f2a6/attachment.sig>
More information about the tinc
mailing list