July 2005
- JOB: R&D slots at SOE San Diego Koster, Raph
- Subjective test facilities Richard A. Bartle
- Subjective test facilities Michael Hartman
- Subjective test facilities lwl@black-knight.org (Lydia Leong)
- Subjective test facilities Richard A. Bartle
- Subjective test facilities Jay Carlson
- Subjective test facilities Ben Greear
- TECH: Securing Symetric Encryption. William Leader
- TECH: Securing Symetric Encryption. lwl@black-knight.org (Lydia Leong)
- TECH: Securing Symetric Encryption. Brian Hook
Take this with a grain of salt, since I'm not a security expert, but:
On Thu, 14 Jul 2005 10:33:33 -0400, William Leader wrote:
> is not an option (mainly because I don't want the hassle of
> managing key pairs).
There's no real hassle -- the public keys are, well, public, and can
be trivially downloaded to allow for asymmetric exchange of a faster
symmetric key. This is the basis of SSL.
This system would seem to be a lot less cumbersome and error prone
than what you've outlined.
> 4) No management or generation of key pairs.
Again, I'm not sure why this is an issue -- the server needs a key
pair and no one else does. It's generated one time, and it
publishes the key for everyone else.
> 1) Both parties must know a password ahead of time
> 2) The password is vulnerable when sent by mediums such as email
Those are bad enough right there.
Brian - TECH: Securing Symetric Encryption. Michael Sims
- TECH: Securing Symetric Encryption. Amanda Walker
- TECH: Securing Symetric Encryption. William Leader
- TECH: Securing Symetric Encryption. Jeff Bachtel
- TECH: Securing Symetric Encryption. ceo
- TECH: Securing Symetric Encryption. T. Alexander Popiel
- TECH: Securing Symetric Encryption. Ben Sleek
- New game: PerplexCity ceo
- IF/Text games on new platforms Norman Beresford
- DGN: Reasons for play [was: Emergent Behaviors spawnedfrom...] cruise
- DGN: Reasons for play [was: EmergentBehaviors spawnedfrom...] cruise