Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] opportunistic encryption with IPv6

Eugen Leitl eugen at
Sun Jun 9 10:49:19 PDT 2013

Native IPv6 deployment is on an exponential

Unlike IPv4, IPv6 has had encryption as part
of the specs, but no opportunistic ways to
set up an encrypted session.

There have been efforts like
which did not suffer from scaling issues
(no need for additional high threshold of
entry technologies like DNS or PKI) yet never 
achieved critical mass.

In the light of recent IPv6 growth there is
obviously considerable value in *working* IPv6
opportunistic session setups in open source
operating systems (Linux, *BSD) as it would
require active attacks to listen on a
connection (which are expensive and detectable 
in principle) instead of passive and hence 
undetectable traffic interception of cleartext.

Perhaps such a project would be of interest
to some parties on this list.

P.S. A darknet-like approach which also
uses IPv6 (but can tunnel over IPv4) is

More information about the liberationtech mailing list