No subject

once a connection is made it is bidirectional. If A initiates a connection
to B , A can be sure he/she is talking to B but the opposite isnt true .So
if B has to sure he/she is indeed talking to A , he/she has to initiate a
connection to A. Which is what torchat does to authenticate both the parties
, even if OnionCat is being used the same has to be done to ensure both the
people know who they are talking to. Am I right in my observation ??

On Mon, Dec 20, 2010 at 12:57 PM, grarpamp <grarpamp at gmail.com> wrote:

> > During preliminary testing we purely relied on communicating the
> > hidden services names (that map to OnionCat IPv6 addresses) in a
> > properly authenticated manner.
>
> OnionCat has no authentication between it and and the node it is
> running on and it's peers. It's somehwat possible though. There
> were some OC features being drafted to assist with this, though I do not
> know the current dev status on them. Till then, it's the honor system.
>
> On the big plus side, OC provides IPv6 function. Most you can
> do over native IPv6 can be do over OC over Tor (except maybe
> routing which need yet another layer).
> So you can do auth via ZRTP, ssh known-hosts, even IPSEC/IKE.
> So some good classes of bluffing are mooted by this I believe, no.
> If app has no built in and no IPSEC, then you are at risk for today.
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo at torproject.org with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>

--0023547c8989697bfd0497d3defd
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable