Added encryption but not in the usual way. More like SSH than TLS. The eventual intention is to use a combination of DNSSEC and TXT records to prove that a server belongs to somebody. The server's public key is in the TXT record! There is prior art of a similar approach.
So when you establish a session, we use the libsodium key exchange protocol to set up a secure session. Then all future messages are encrypted between client and server safely!
Well.. I hope. I am not a security person. But they say if you use libsodium you probably can't go wrong?
Ha!
Added encryption but not in the usual way. More like SSH than TLS. The eventual intention is to use a combination of DNSSEC and TXT records to prove that a server belongs to somebody. The server's public key is in the TXT record! There is prior art of a similar approach.
So when you establish a session, we use the libsodium key exchange protocol to set up a secure session. Then all future messages are encrypted between client and server safely!
Well.. I hope. I am not a security person. But they say if you use libsodium you probably can't go wrong?
Ha!
