aan_and_encryption_9fs_service

Fri, 18 Sep 2015 15:45:18 EDT
cinap_lenrek@[REDACTED]

make it possible to use aan and encryption for netbooted terminals/cpu servers.

maybe have a tunnel like service started thru aux/listen that will establish aan and tls for the client and then just dial the local fileserver and rely between the tunnel and the fs.


discussion:

Jul 2, 2012 #2 ricardo….@gmail.com Have you seen this patches? http://www.9legacy.org/9legacy/patch/tls-devtls-rc4-256.diff http://www.9legacy.org/9legacy/patch/tls-devtls-sha2.diff http://www.9legacy.org/9legacy/patch/exportfs-tls.diff

Jul 2, 2012 Project Member #3
cinap_le…@[REDACTED] yes. but exportfs/import already use ssl for encryption. these patches add tls support to exportfs. i’m not a crypto expert, so i dont know whats the gain over the current use of ssl. 9fs is a different matter.

Jul 5, 2012 #4 ricardo….@gmail.com Since you said that TLS would be nice, I thought you have missed the patches, sorry about that. Regarding TLC, it is the “successor” of SSL 3.0 as it served as basics for TLS 1.0. The only real difference between both is that SSL connections starts encrypted while in TLS you start with an unencrypted “hello” string. TLS 1.0 is SSL 3.1. TLS is only worth if it’s TLS 1.2 and up.