Deep in the lore of internet history, in IANA registries and mailing lists, lurks the tale of Skeeter and Bubba. Two innocent numbers that might have changed the fate of many had they been used.
Legend has it that these two legendary redneck names were to be used for an ad-hoc TCP encryption mechanism. Each TCP flow would do some sort of Diffie-Hellman per connection, and then create a private ciphered link. Sure, it has no authentication, and sure, it doesn’t protect against man-in-the-middle. But it would have actually been quite strong.
You see, this would make it impractical for many traffic sniffers to operate. Since the Internet is multi-path (see OSPF ECMP for why), it’s also impractical for non-endpoint devices to man-in-the-middle traffic without being very close to the endpoint. Huge amounts of traffic would be more secure. Industries would have been altered, or would not exist.
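The trade-off described above, as an added example that is not part of the original post: a generic unauthenticated Diffie-Hellman exchange in Python, not the actual Skeeter/Bubba option format, which the post does not specify. The toy prime, the generator and every function name are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption): the Mersenne prime 2**127 - 1
# is far too small for real use; a deployment would use a standardized group.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for one side of one connection."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(my_priv, peer_pub):
    """Derive the per-connection key from the shared DH secret."""
    shared = pow(peer_pub, my_priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def passive_path():
    """A sniffer on the path sees both public values and nothing else."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    k_a = session_key(a_priv, b_pub)
    k_b = session_key(b_priv, a_pub)
    observed = (a_pub, b_pub)  # everything the sniffer captured
    return k_a, k_b, observed

def active_path():
    """An on-path device that rewrites the exchange ends up with both keys."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()          # middlebox substitutes its own value
    k_a = session_key(a_priv, m_pub)   # A believes m_pub came from B
    k_b = session_key(b_priv, m_pub)   # B believes m_pub came from A
    k_m_a = session_key(m_priv, a_pub)
    k_m_b = session_key(m_priv, b_pub)
    return k_a, k_b, k_m_a, k_m_b

def fingerprints_match(k_a, k_b):
    """Out-of-band comparison of key hashes: the check this scheme lacks."""
    return hashlib.sha256(k_a).hexdigest() == hashlib.sha256(k_b).hexdigest()
```

On the passive path both endpoints derive the same key from values the sniffer cannot use; on the active path the endpoints hold different keys, which only an authenticated comparison such as `fingerprints_match` would reveal.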
Would it have been perfect? No, no redneck solution ever is. Would it have dramatically improved privacy and security? You betcha. Who wants to resurrect it?
You see, there are perfect solutions. And some say that perfect is the enemy of good enough. Solutions like IPsec and SSL require pre-shared keys or certificate authorities. They are hard to set up. And rarely do they authenticate both ends. This would have just worked, and it would not have broken those other methods of improving security. At worst it would be no worse than the status quo.