Time Nick Message 03:48 MTDiscord Does minetest use self-signed certificates for it's connection? 09:24 MTDiscord there's no encryption on the udp connection 09:28 MTDiscord SRP challenge is used for the password authentication step, so it doesn't leak the password if someone is snooping...but a MITM would be able to hijack the connection 11:21 rubenwardy SRP is a PAKE so results in a shared key, if that was used for encryption/signing then you wouldn't be able to MITM. But it's not 12:42 MinetestBot 02[git] 04jeremyshannon -> 03minetest/minetest_game: Bed bugfix: Remove "reverse" toggle in favor of swap_node/set_node co… 1343185f1 https://github.com/minetest/minetest_game/commit/43185f19e386af3b7a0831fc8e7417d0e54544e7 (152023-12-24T12:41:26Z) 13:14 sfan5 was mod_storage per-world or global? the docs don't explain this 13:15 sfan5 hmm maybe 13:15 sfan5 !book mod storage 13:15 MinetestBot sfan5: Storage and Metadata - https://rubenwardy.com/minetest_modding_book/en/map/storage.html 13:15 sfan5 it doesn't say either :( 13:20 sfan5 answer: it is per-world 13:25 MTDiscord ... that probably should be documented 13:28 MTDiscord Put it into the ancient scroll 17:57 MTDiscord rubenwardy: it won't prevent MITM unless you have some way to validate the keys (like a certificate hierarchy) 17:58 MTDiscord hm wait 17:59 MTDiscord nevermind, i'm wrong 18:00 MTDiscord It can prevent MITM after a password is agreed upon, but not before 18:02 MTDiscord The lack of server authentication is still a bit concerning, but it does sound like it'd raise the barrier significantly for abuse, so if we found a good datagram-appropriate protocol to wrap MT traffic in like DTLS or wireguard or something, and a way to actually integrate it, I'd support this and I think others should too. 18:58 MTDiscord Well C55 here's the basics of the network, works pretty dang well https://youtu.be/Dfw7fqK9ueQ