2 Mar
2020
2 Mar
'20
7:35 p.m.
Are we actually talking about encrypting all the DECnet traffic, or just
authentication? I'm a little worried about the amount of computational
overhead involved in encrypting all the DECnet traffic, although I suppose
that given the trivial volume of HECnet traffic it's not a major concern.
Bob
-----Original Message-----
From: Hecnet-list [mailto:hecnet-list-bounces+bob=jfcl.com at lists.sonic.net]
On Behalf Of Paul Koning
Sent: Monday, March 2, 2020 10:27 AM
To: hecnet at update.uu.se
Subject: Re: [HECnet] Intermittent Connection with PyDECnet?
On Mar 2, 2020, at 1:05 PM, Mark J. Blair <nf6x at
nf6x.net> wrote:
> On Mar 2, 2020, at 9:45 AM, Paul Koning <paulkoning at comcast.net> wrote:
>
> It's not there currently. SSL would be easy to do in PyDECnet given the
SSL library that exists in Python. SSH tunnel not quite so much. Would SSL
be sufficient?
I would think that SSL would be fine for the link security. Would that
also provide
a mechanism for the caller to authenticate themself to the
upstream link?
The Python SSL library has a pile of support for certificates (in both
directions, as far as I can tell, so mutual authentication is possible).
Also ways to query the certificates used. This is stuff I haven't used
before so it will take some study to understand it.
paul
_______________________________________________
Hecnet-list mailing list
Hecnet-list at lists.sonic.net
https://lists.sonic.net/mailman/listinfo/hecnet-list