[163502] in North American Network Operators' Group
Re: PGP/SSL/TLS really as secure as one thinks?
daemon@ATHENA.MIT.EDU (Joe Abley)
Mon Jun 10 08:26:31 2013
From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <51B1F8CC.9070402@massar.ch>
Date: Fri, 7 Jun 2013 11:25:36 -0400
To: Jeroen Massar <jeroen@massar.ch>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2013-06-07, at 11:14, Jeroen Massar <jeroen@massar.ch> wrote:
> On 2013-06-07 06:50, Dan White wrote:
> [..]
>=20
> A nice 'it is Friday' kind of thought....
>=20
>> OpenPGP and other end-to-end protocols protect against all nefarious
>> actors, including state entities.
>=20
> If you can't trust the entities where your data is flowing through
> because you are unsure if and where they are tapping you, why do you
> trust any of the crypto out there that is allowed to exist? :)
Defence in depth. PGP-encrypt your transport stream and send it over TLS =
with client- and server-side certificate validation with a restricted CA =
list on each endpoint. Using IPSec. Through tor. With the plain-text =
littered with code words that are meaningless except to your intended =
recipient, taken from a pre-shared (in-person) code book that changes =
every day.
Then your facebook sessions will be secure.
Joe=
