RP2_68 (2012-2013)
certs
gnutls
libtlsd
.gitignore
README.md
_passfd.so
daemon.py
forwardtcp.py
passfd.py
root.key
test_client.py
test_server.py
tlsd.py

README.md

The current use of TLS relies on centralized certificate authorities, which pose a single point of failure and introduce unnecessary costs for signing certificates. In this research, several existing techniques are used to build a TLS tunneling daemon that validates TLS certificates in a decentralized way. DANE will be used to validate domain certificates by matching them against the certificates stored in DNS. User certificates will be validated using an LDAP server as a PGP key server. By matching against the certificates stored in this LDAP server, the client identity can be validated as well. Combining both techniques in a single daemon will allow existing applications, by using a small library, to make use of the daemon and establish a reliable and secure TLS connection.
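The DANE matching step described above, as an added example that is not code from this repository: it compares a DER certificate against the selector, matching type and association data of a TLSA record as defined in RFC 6698, which is more detail than the README gives. The function names and the sample certificate skeleton are constructed for illustration; DNSSEC validation of the record and handling of the certificate usage field are assumed to happen elsewhere.

```python
import hashlib
import hmac

def _tlv(buf, off):
    """Read one DER TLV at off; return (tag, value_start, value_end)."""
    tag, first = buf[off], buf[off + 1]
    off += 2
    length = first
    if first & 0x80:  # long form: low 7 bits give the number of length octets
        n = first & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    if off + length > len(buf):
        raise ValueError("truncated DER")
    return tag, off, off + length

def spki_from_cert(cert):
    """Return the DER SubjectPublicKeyInfo of an X.509 certificate."""
    _, tbs_at, _ = _tlv(cert, 0)        # outer Certificate SEQUENCE
    _, off, _ = _tlv(cert, tbs_at)      # tbsCertificate SEQUENCE
    tag, _, end = _tlv(cert, off)
    if tag == 0xA0:                     # optional explicit [0] version
        off = end
    for _ in range(5):  # skip serial, signature, issuer, validity, subject
        _, _, off = _tlv(cert, off)
    return cert[off:_tlv(cert, off)[2]]

DIGESTS = {1: hashlib.sha256, 2: hashlib.sha512}

def tlsa_matches(cert, selector, mtype, assoc):
    """Compare a certificate with TLSA selector/matching-type/association data."""
    if selector not in (0, 1) or mtype not in (0, 1, 2):
        raise ValueError("unsupported TLSA parameters")
    chosen = cert if selector == 0 else spki_from_cert(cert)
    value = chosen if mtype == 0 else DIGESTS[mtype](chosen).digest()
    return hmac.compare_digest(value, assoc)

def _enc(tag, body):  # DER encoder used only to build the constructed sample
    n = len(body)
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(lb)]) + lb) + body

# Constructed sample: a certificate skeleton with empty names and a dummy key.
SPKI = _enc(0x30, _enc(0x30, b"\x06\x03\x2b\x65\x70") + _enc(0x03, b"\x00" + bytes(range(32))))
TBS = _enc(0x30, _enc(0xA0, _enc(0x02, b"\x02")) + _enc(0x02, b"\x01") + _enc(0x30, b"") * 4 + SPKI)
CERT = _enc(0x30, TBS + _enc(0x30, b"") + _enc(0x03, b"\x00" + bytes(200)))

if __name__ == "__main__":
    record = hashlib.sha256(SPKI).digest()      # TLSA "3 1 1" association data
    print(tlsa_matches(CERT, 1, 1, record))
```

Selector 1 pins the public key only, so a record of that kind keeps matching when the certificate is reissued with the same key; selector 0 pins the whole certificate.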