8 May 2000 ajk   » (Journeyer)

I've been drafting the Winters network protocol. I found uses for such 32-bit quantities as 4037931181 ("emergency hangup") and 4026658817 ("permission denied") [thanks dhd!]. The protocol is simple and expresses what it needs to express. I realized I can set up a separate auth server to provide new sessions for arbitrary clients if necessary, which simplifies the problem. You see, the protocol creates new sessions by negotiating their cipher and encryption key on an existing session; this avoids me having to deal with public-key cryptography in the protocol itself.

Anybody see any obvious security problems with assuming that if the client can send a known plaintext (published as part of the protocol specification) encrypted with the correct key (which is prenegotiated using channels we assume to be secure) then the client can be considered authenticated?

The next step is to implement the protocol. This should not take more than two days (famous last words!).

Advertised Advogato to Tuomas Lukka. Seems he likes it.
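An added example, not part of the original entry or of the Winters protocol: it models the known-plaintext check asked about above and shows one property to test for. It assumes a deterministic cipher with no per-session nonce (the entry names no cipher), and the plaintext, key and all function names are constructed for illustration. Under that assumption the accepted message is identical every time, so a recorded copy verifies again without the key; the second half shows a fresh server nonce closing that gap.

```python
import hashlib
import hmac
import secrets

# Constructed values: the entry gives neither the real plaintext nor a cipher.
KNOWN_PLAINTEXT = b"WINTERS-AUTH-EXAMPLE"
SESSION_KEY = secrets.token_bytes(32)  # stands in for the prenegotiated key


def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in deterministic cipher (SHA-256 keystream XOR), no nonce or IV."""
    stream = b""
    counter = 0
    while len(stream) < len(plaintext):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(p ^ s for p, s in zip(plaintext, stream))


def static_verify(key: bytes, token: bytes) -> bool:
    """Scheme as described: accept if token == E_key(known plaintext)."""
    return hmac.compare_digest(token, toy_encrypt(key, KNOWN_PLAINTEXT))


class ChallengeServer:
    """Variant: the server issues a fresh nonce per attempt, usable once."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self.pending:
            return False  # unknown or already-used nonce: replay rejected
        self.pending.discard(nonce)
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)


def respond(key: bytes, nonce: bytes) -> bytes:
    """Client side: prove possession of the key over the server's nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()
```
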
