PGP/SSL/TLS really as secure as one thinks?
Joe Abley
jabley at hopcount.ca
Fri Jun 7 15:25:36 UTC 2013
On 2013-06-07, at 11:14, Jeroen Massar <jeroen at massar.ch> wrote:
> On 2013-06-07 06:50, Dan White wrote:
> [..]
>
> A nice 'it is Friday' kind of thought....
>
>> OpenPGP and other end-to-end protocols protect against all nefarious
>> actors, including state entities.
>
> If you can't trust the entities where your data is flowing through
> because you are unsure if and where they are tapping you, why do you
> trust any of the crypto out there that is allowed to exist? :)

Defence in depth. PGP-encrypt your transport stream and send it over TLS with client- and server-side certificate validation with a restricted CA list on each endpoint. Using IPsec. Through Tor. With the plain-text littered with code words that are meaningless except to your intended recipient, taken from a pre-shared (in-person) code book that changes every day.

Then your Facebook sessions will be secure.

Joe