lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260102154957.69e86d64@kernel.org>
Date: Fri, 2 Jan 2026 15:49:57 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Lauri Jakku <lja@....fi>
Cc: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
 rust-for-linux@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [RFC] STCP: secure-by-default transport (kernel-level,
 experimental)

On Mon, 22 Dec 2025 20:13:40 +0200 Lauri Jakku wrote:
> STCP is an experimental, TCP-like transport protocol that integrates 
> encryption and authentication directly into the transport layer, instead 
> of layering TLS on top of TCP.
> 
> The motivation is not to replace TCP, TLS, or QUIC for general Internet 
> traffic, but to explore whether *security-by-default at the transport 
> layer* can simplify certain classes of systems—particularly embedded, 
> industrial, and controlled environments—where TLS configuration, 
> certificate management, and user-space complexity are a significant 
> operational burden.

We tend to merge transport crypto protocol support upstream if:
 - HW integration is needed; or
 - some network filesystem/block device needs it.
Otherwise user space is a better place for the implementation.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ