Peter Simons 0afcc637d7 Add support for opportunistic TCP encryption.
Set "networking.tcpcrypt.enable = true;" to enable opportunistic TCP encryption
based on the user-space tools available from <http://tcpcrypt.org>.

Network attackers come in two varieties: passive and active (man-in-the-middle).
Passive attacks are much simpler to execute because they just require listening
on the network. Active attacks are much harder as they require listening and
modifying network traffic, often requiring very precise timing that can make
some attacks impractical.

Opportunistic encryption cannot protect against active attackers, but it *does*
protect against passive attackers. Furthermore, Tcpcrypt is powerful enough to
stop active attacks, too, if the application using it performs authentication.

A complete description of the protocol extension can be found at
<http://tools.ietf.org/html/draft-bittau-tcp-crypt-00>.
2013-09-10 23:32:55 +02:00
2013-09-02 04:54:09 +00:00
2013-09-04 13:05:09 +02:00
2013-09-02 11:18:22 +02:00
2010-05-28 11:48:41 +00:00
2008-05-09 15:08:43 +00:00
2013-08-26 14:06:00 +02:00

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
http://nixos.org/nixos and in the manual in doc/manual.
Description
No description provided
Readme 1.5 GiB
Languages
Nix 96.3%
Shell 1.8%
Python 0.7%
Perl 0.4%
C 0.3%
Other 0.1%