From: Sandy Harris <sandyinchina@gmail.com>
To: Eric Curtin <ericcurtin17@gmail.com>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Subject: Re: Looking for an open-source thesis idea
Date: Tue, 26 May 2020 15:17:54 +0800 [thread overview]
Message-ID: <CACXcFmkYtSeRMNTr=NXGK06MUyEnvaFqe_9Q11kWZq=f1ZdE_A@mail.gmail.com> (raw)
In-Reply-To: <CANpvso4V67SBKn9+SXc+H=r-H-up+GWt77K4jH5HJx9k+sR+hA@mail.gmail.com>
Eric Curtin <ericcurtin17@gmail.com> wrote:
> Hope I'm not bothering you. I'm looking for a masters thesis idea, ...
> I'm really liking this
> new QUIC (UDP) protocol as an alternative to TCP over TLS. And with
> the growth of new modern secure protocols like Wireguard. I was
> wondering, would it be an idea to do a monolithic secure TCP protocol
> (as an alternative to TCP over TLS) as a small thesis project or is it
> as hard as the guys at Google make is sound?
>
> "Because TCP is implemented in operating system kernels, and middlebox
> firmware, making significant changes to TCP is next to impossible."
I'm inclined to agree with the Google folk on that. However, what about
IPsec? That was designed to secure anything-over-IP so it should be
a more general solution. The FreeS/WAN project added opportunistic
encryption for wider availability
https://freeswan.org/freeswan_trees/freeswan-2.06/doc/intro.html#goals
Today some opportunistic encryption protocols -- SMTP-over-TLS and
HTTPS Everywhere -- are quite widespread but my impression is
that opportunistic IPsec is not. Would adding it to an open source
router be a thesis-sized project? Or, since routers likely have IPsec
already, just making it easier to deploy?
> I'm open to any other suggestions also for my thesis :)
Linux's OOM killer strikes me as a spectacularly ugly kluge,
but people who are certainly more knowledgeable and likely
more competent seem to think it is necessary. Is there a
thesis in examining it, looking at how other Unix-like systems
handle the problem & perhaps implementing an alternative
for Linux?
next prev parent reply other threads:[~2020-05-26 7:18 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-22 20:52 Looking for an open-source thesis idea Eric Curtin
2020-05-26 7:17 ` Sandy Harris [this message]
2020-05-27 11:28 ` Eric Curtin
2020-05-27 12:08 ` Sandy Harris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACXcFmkYtSeRMNTr=NXGK06MUyEnvaFqe_9Q11kWZq=f1ZdE_A@mail.gmail.com' \
--to=sandyinchina@gmail.com \
--cc=ericcurtin17@gmail.com \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).