[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Stronghold, revisited

On Sun, Jul 28, 2013 at 2:16 PM, tz <[email protected]> wrote:

> For those who are too young to remember, during the "crypto is munitions"
> period where the source to strong crypto needed to be sent via FAX,
> Stronghold was a proxy that would take ordinary sessions (or I assume 40
> bit - yes, 40 bit, that was "export" strength) crypto on the browser end
> and transform it to the maximum strength on the remote end.

That was C2Net's SafePassage product, Stronghold was an Apache-based
webserver capable of strong crypto SSL.

That seems like a nice idea for today - get a router running DD-WRT or a
Raspberry Pi or similar to proxy all SSL connections and enforce the use of
PFS, watch for CA hijinks, and otherwise make a hard shell around the soft
Windows computers at the center. See, e.g.,

Greg Broiles
[email protected] (Lists only. Not for confidential communications.)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20130728/eddf9910/attachment.html>