aan and encryption 9fs service

[GoogleCodeExporter]

make it possible to use aan and encryption for
netbooted terminals/cpu servers.

maybe have a tunnel like service started thru
aux/listen that will establish aan and tls
for the client and then just dial the local
fileserver and rely between the tunnel and the fs.

Original issue reported on code.google.com by cinap_le...@felloff.net on 29 Jun 2012 at 11:14

[GoogleCodeExporter]

Original comment by cinap_le...@felloff.net on 29 Jun 2012 at 11:15

• Added labels: Type-BlackjackAndHookers
• Removed labels: Type-FrontFellOff

[GoogleCodeExporter]

Have you seen this patches?

http://www.9legacy.org/9legacy/patch/tls-devtls-rc4-256.diff
http://www.9legacy.org/9legacy/patch/tls-devtls-sha2.diff
http://www.9legacy.org/9legacy/patch/exportfs-tls.diff

Original comment by ricardo....@gmail.com on 2 Jul 2012 at 10:37

[GoogleCodeExporter]

yes. but exportfs/import already use ssl for encryption.
these patches add tls support to exportfs. i'm not a crypto
expert, so i dont know whats the gain over the current use
of ssl.

9fs is a different matter.

Original comment by cinap_le...@felloff.net on 2 Jul 2012 at 11:07

[GoogleCodeExporter]

Since you said that TLS would be nice, I thought you have missed the patches, 
sorry about that.

Regarding TLC, it is the "successor" of SSL 3.0 as it served as basics for TLS 
1.0. The only real difference between both is that SSL connections starts 
encrypted while in TLS you start with an unencrypted "hello" string. TLS 1.0 is 
SSL 3.1. TLS is only worth if it's TLS 1.2 and up.

Original comment by ricardo....@gmail.com on 5 Jul 2012 at 9:49