enable MAC check on underlayer transport for node-httpp

18 views

Skip to first unread message

tom

unread,

Nov 5, 2013, 7:17:09 PM11/5/13

to iwe...@googlegroups.com, iwe...@librelist.com

HTTPS run HTTP over TLS/SSL over TCP. If midle-man-attack forge tcp-rst packet and send to both peers, the tcp connection will broken.

But, HTTPPS run HTTP over TLS over UDT, wich's user-space transport based-on UDP. So, I leverage TLS to handshake public key exchange, then got TLS session key and use TLS/session key to authenticate UDT control packet, that can avoid midle-man-attack. There is no inneed authenticate UDT data packet, which's protected by TLS.

https://github.com/InstantWebP2P/node-httpp

Best regards

Tom

Reply all

Reply to author

Forward

0 new messages