Re: Cryptography problem
From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 06/23/04
- Next message: Dean Hallman: "Re: Cryptography problem"
- Previous message: Meisha: "Better Software Conference & EXPO Program Announced"
- In reply to: Gerard Bok: "Re: Cryptography problem"
- Next in thread: Dean Hallman: "Re: Cryptography problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Jun 2004 15:37:29 +0000 (UTC)
bok118@zonnet.nl (Gerard Bok) writes:
]On Tue, 22 Jun 2004 22:32:58 GMT, "Dean Hallman"
]<deanh@sc.rr.com> wrote:
]>Basically, I have a web server that can process search strings, and clients
]>that submit search strings.
]>
]>However, the client software must be *my* software (rich clients). I don't
]>want imposters, masquerading as my software and sending search packets the
]>server can't distinguish from my own
]Maybe tickets solve your problem ?
]You ship each of your rich clients with a unique ticket.
]Each request validates the ticket, supplies an answer, and a new
]ticket, to be used for the clients next request.
]You could even use the ticket as an encryption key to part of the
]message.
Sounds like a great way of really annoying your rich clients, as they loose
the tickets, etc. Ie, it is thier machine that must keep track of the
ticket, and who knows what happens on their machine.
You could use IP linking-- ie the request must come from their IP (which
maeks it useable only on one machine). You could stick a challenge response
into the software, but of course that could be worked around by a smart
hacker
- Next message: Dean Hallman: "Re: Cryptography problem"
- Previous message: Meisha: "Better Software Conference & EXPO Program Announced"
- In reply to: Gerard Bok: "Re: Cryptography problem"
- Next in thread: Dean Hallman: "Re: Cryptography problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
