Re: GNUnet Name System Questions

gnunet-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNUnet Name System Questions

From:	Christian Grothoff
Subject:	Re: GNUnet Name System Questions
Date:	Mon, 4 Dec 2023 00:05:22 +0900
User-agent:	Mozilla Thunderbird

I am also not sure about the question, but I would say this: you shouldprobably consider using DANE [1] records to enable users to secure TLSconnections to your GNS-resolved sites. GNUnet's GNS-enabled socks proxyvalidates TLS server certificates against DANE records in GNS, andgnunet-namestore-gtk can help you create DANE records.


[1] https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities

On 12/3/23 22:04, Schanzenbach, Martin wrote:

I'm sorry I do not understand the question. How does any of this relateto GNS?
Best
Martin

On 03.12.23 09:56, retrovirus-007@juno.com wrote:
I almost forget to mention that there is a possible issue with URLhttps://IPv4_IP_address and https://[IPv6_IP_address]. SSLcertification, at least for the domain name, will not cover https://protocol and IP address combinations. Are insecure URLhttps://IPv4_IP_address and https://[IPv6_IP_address consideredpossible man-in-the-middle attack vulnerabilities?
--
Sincerely,
retrovirus-007@juno.com

[Prev in Thread]

Current Thread

[Next in Thread]

GNUnet Name System Questions, address@hidden, 2023/12/03
- Re: GNUnet Name System Questions, Schanzenbach, Martin, 2023/12/03
- Re: GNUnet Name System Questions, address@hidden, 2023/12/03
  - Re: GNUnet Name System Questions, Schanzenbach, Martin, 2023/12/03
    - Re: GNUnet Name System Questions, Christian Grothoff <=

Prev by Date: Re: GNUnet Name System Questions
Next by Date: Not able to run recent versions
Previous by thread: Re: GNUnet Name System Questions
Next by thread: Not able to run recent versions
Index(es):
- Date
- Thread