Meetings:2003-09
From GTALUG
Sitemap > People > Contact > Meetings > Meetings:2003-09
Sitemap > Meetings > History > Historical:Meetings
Opportunistic Encryption with Linux FreeS/WAN.
Presented by Sam Sgro and Claudia Schmeing.
TLUG meetings are held at UofT on the second Tuesday of each month at 7:30 pm.
- Date
- Tuesday September 9, 2003
- Time
- 7:30 pm
- Topic
- Opportunistic Encryption with Linux FreeS/WAN
- Speaker
- Sam Sgro, User Support and Build Manager
- Claudia Schmeing, Technical Documentation Author FreeS/WAN project
- Description
- Linux FreeS/WAN's Opportunistic Encryption (OE) is IPsec to any willing host, using public keys distributed via DNS. OE is currently useful primarily to prevent passive snooping of IP traffic. Its main advantage over traditional IPsec configuration (for example, using shared secrets) is that it does not require prearrangement between system administrators at each end of a potential IPsec connection. We will demonstrate OE by publishing keys in DNS and using those keys to establish a Linux FreeS/WAN connection with minimal configuration. We will then show how a sysadmin might use OE to set local IPsec security policy using FreeS/WAN's "policy groups" configuration mechanism. In the process, we will discuss challenges that OE presents to traditional notions of trust in IPsec peers. Last, we will discuss the future of OE: integrating OE with DNSsec authentication
- Location
- Room GB244, Galbraith Building, University of Toronto
- Toronto, Ontario M5S 3G8
- University of Toronto
