tinc TODO list
Guus Sliepen
guus at sliepen.warande.net
Sun Nov 12 11:23:52 CET 2000
Some changes I would like to make:
Smart card support is really for echelon I think:
-smartcard support 1.1
+smartcard support 2.0
Compression will improve both speed and security:
-compress data before encrypting >1.1
+compress data before encrypting 1.0
These things are not really necessary for most VPN situations:
-inherit TOS flags 1.1
-send "fake" packets (chaffing) 1.1
+inherit TOS flags 2.0
+send "fake" packets (chaffing) 2.0
Sequence numbers are not necessary. Ethernet does not give any guarantees about
packet duplicition, so neither should tinc. The higher level protocols already
check for duplication. For the metaprotocol: we encrypt in cipher feedback mode,
which inherently blocks replay attacks, so no sequence numbers needed there
either:
-sequence numbers for packets & metaprotocol 1.0
Comments?
-------------------------------------------
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.warande.net>
-------------------------------------------
See also: http://tinc.nl.linux.org/
http://www.kernelbench.org/
-------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://brouwer.uvt.nl/pipermail/tinc-devel/attachments/20001112/18b659d4/attachment.pgp
More information about the Tinc-devel
mailing list