lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ad8f797b-529a-49e2-bcda-a30d0396c1a9@lja.fi>
Date: Mon, 5 Jan 2026 17:38:28 +0200
From: Lauri Jakku <lja@....fi>
To: Jakub Kicinski <kuba@...nel.org>
Cc: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
 rust-for-linux@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [RFC] STCP: secure-by-default transport (kernel-level,
 experimental)

Hi All,

Jakub Kicinski kirjoitti 3.1.2026 klo 1.49:
> On Mon, 22 Dec 2025 20:13:40 +0200 Lauri Jakku wrote:
>> STCP is an experimental, TCP-like transport protocol that integrates
>> encryption and authentication directly into the transport layer, instead
>> of layering TLS on top of TCP.
>>
>> The motivation is not to replace TCP, TLS, or QUIC for general Internet
>> traffic, but to explore whether *security-by-default at the transport
>> layer* can simplify certain classes of systems—particularly embedded,
>> industrial, and controlled environments—where TLS configuration,
>> certificate management, and user-space complexity are a significant
>> operational burden.
> We tend to merge transport crypto protocol support upstream if:
>   - HW integration is needed; or
>   - some network filesystem/block device needs it.
> Otherwise user space is a better place for the implementation.

  I got Nordic Semiconductor contact, that asked if it is upcoming 
feature for kernel, the need is there (For modem use).


> .---<[ Paxsudos IT / Security Screening ]>---------------------------------------------------------------->
> | Known viruses: 3627095
> | Engine version: 1.4.3
> | Scanned directories: 0
> | Scanned files: 1
> | Infected files: 0
> | Data scanned: 0.00 MB
> | Data read: 0.00 MB (ratio 0.00:1)
> | Time: 11.383 sec (0 m 11 s)
> | Start Date: 2026:01:03 01:50:02
> | End Date:   2026:01:03 01:50:13
> | SPAM hints: []
> | SPAM hints: []
> | Message not from DMARC.
> `-------------------------------------------------------------------->
.---<[ Paxsudos IT / Security Screening ]>---------------------------------------------------------------->
| Known viruses: 3627110
| Engine version: 1.4.3
| Scanned directories: 0
| Scanned files: 1
| Infected files: 0
| Data scanned: 0.00 MB
| Data read: 0.00 MB (ratio 0.00:1)
| Time: 12.740 sec (0 m 12 s)
| Start Date: 2026:01:05 17:38:31
| End Date:   2026:01:05 17:38:43
| SPAM hints: []
| SPAM hints: []
| Message not from DMARC.
`-------------------------------------------------------------------->

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ