ietf
[Top] [All Lists]

Re: [saag] Is opportunistic unauthenticated encryption a waste of time?

2014-08-24 09:13:02
On 08/23/2014 06:05 PM, Bernard Aboba wrote:

However, say we're wrong and someone who thinks OS is a waste
of time is actually correct, what would such a person recommend
that we do as well as, or instead of, OS?

[BA] It depends on who we are trying to protect, and from what (or whom).  

If the target is protection of dissidents from oppressive regimes, then
you need something much more comprehensive than 'unauthenticated
opportunistic encryption" (e.g. along the lines of Tor). 

It is quite often the case that, under oppressive regimes, using
encryption technology will already flag you as "suspect" (if not
"guilty"). So in that case, you'd probably want to use something
probably want something more like a cover channel in those scenarios.

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont(_at_)si6networks(_dot_)com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492




<Prev in Thread] Current Thread [Next in Thread>