Talk:UDP API DEV: Difference between revisions

Jump to navigation Jump to search

Talk:UDP API DEV (view source)

Revision as of 13:59, 30 January 2006

226 bytes added ,  30 January 2006
→‎Crypto Protocol: add note about hmac
(→‎Crypto Protocol: add response)
(→‎Crypto Protocol: add note about hmac)
Line 38: Line 38:
::If TLS really is too much overhead, I'd suggest using ESP (from IPSec) with static keying (so you don't need the additional complexity of IKE). You can encapsulate that in a UDP packet, instead of IP proto 50.
::If TLS really is too much overhead, I'd suggest using ESP (from IPSec) with static keying (so you don't need the additional complexity of IKE). You can encapsulate that in a UDP packet, instead of IP proto 50.
::I think, if you're going to give users a "secure" checkbox, it really ought to be secure. The best way to accomplish that is to use a well-understood, well-studied security protocol instead of inventing yet another. The "invent yet another" security protocols all too often turn out to be completely insecure.
::I think, if you're going to give users a "secure" checkbox, it really ought to be secure. The best way to accomplish that is to use a well-understood, well-studied security protocol instead of inventing yet another. The "invent yet another" security protocols all too often turn out to be completely insecure.
::BTW: If you're just trying to prevent password sniffing, there are already several well-studied HMAC-based protocols which do that, and do it with minimal overhead. Low enough that you could probably just use it by default.
::—[[User:Derobert|Derobert]] 14:56, 30 January 2006 (CET)
::—[[User:Derobert|Derobert]] 14:56, 30 January 2006 (CET)
Derobert
9

edits

Retrieved from "https://wiki.anidb.net/Special:MobileDiff/4995"

Navigation menu

MediaWiki spam blocked by CleanTalk.
MediaWiki spam blocked by CleanTalk.