Gutmann Soundwave Therapy
Perry E. Metzger
perry at piermont.com
Fri Feb 1 09:26:09 EST 2008
"James A. Donald" <jamesd at echeque.com> writes:
>> When tinc 2.0 will ever come out (unfortunately I don't have a lot of
>> time to work on it these days), it will probably use the GnuTLS library
>> and authenticate and connect daemons with TLS. For performance reasons,
>> you want to tunnel network packets via UDP instead of TCP, so hopefully
>> there is a working DTLS implementation as well then.
>
> I have been considering the problem of encrypted channels over UDP or
> IP. TLS will not work for this, since it assumes and provides a
> reliable, and therefore non-timely channel, whereas what one wishes to
> provide is a channel where timeliness may be required at the expense
> of reliability.

DTLS does not assume a reliable channel -- it is designed for
applications that use UDP. Perhaps you are not familiar with it.

> I have figured out a solution, which I may post here if you are interested.

With respect, James, I think they'd be better off using DTLS. It was
designed by experts and it shares the same security properties as TLS.
--
Perry E. Metzger perry at piermont.com