Version 2.0.0
In addition to the features outlined above, the full version 2.0 release should include:
• A fully re-written concurrent I/O path for higher performance on multi-core systems, eliminating the single core I/O bottleneck present in earlier versions.
• A redesigned command line interface that is more powerful and easier to use.
• A partial rewrite of packet encoding, decoding, and handling to reduce the amount of memory copying for higher performance and reduced memory bus overhead.
• Easier deployment of self-hosted root servers.
• A new identity type using both the existing Curve25519 and the NIST P-384 elliptic curve, with the latter being present to permit FIPS certification. Both curves are used together for key agreement in a construction that guarantees security equivalent to that of the strongest curve, meaning those with concerns about the security of NIST curves can rest assured that an attacker would also have to break Curve25519. Inclusion of a Curve25519 key in the new identity type also allows seamless backward compatibility with older type identities that use only Curve25519 key pairs.
• Continuous ephemeral key re-negotiation for forward secrecy and generally improved security bounds.
楼主
发表于 2021-1-12 09:10:41
