Duly hijacked, massaged into a joke, and sent to family and friends. :-)
Bob
On Sep 2, 2011, at 12:14 PM, Scott Rossi wrote:
>
>> You might also want to consider a simplification of the trick that
>> Salseforce.com uses (albeit in their case, on top of SSL & username/password
>> authentication
d-d-d-d-d-drum...tshhh! :-)
On 2 Sep 2011, at 20:14, Scott Rossi wrote:
>
>> You might also want to consider a simplification of the trick that
>> Salseforce.com uses (albeit in their case, on top of SSL & username/password
>> authentication) when a user logs in via an unknown machine (my g
> You might also want to consider a simplification of the trick that
> Salseforce.com uses (albeit in their case, on top of SSL & username/password
> authentication) when a user logs in via an unknown machine (my guess is
> 'unknown IP address').
Apologies for the thread hijacking, just saw this
You might also want to consider a simplification of the trick that
Salseforce.com uses (albeit in their case, on top of SSL & username/password
authentication) when a user logs in via an unknown machine (my guess is
'unknown IP address').
The successful login is followed by a dialogue to send
Thanks for chiming in, Dave:
On 2 Sep 2011, at 16:33, Richard Gaskin wrote:
So it occurs to me that before the authentication data is sent, the first
request to the server app could be to ask for a token. This token would be a
hash (probably SHA1) of the client app's IP address, the time in
Bob Sneidar wrote:
If both ends support OpenSSH then can't you simply get the public key for the
machine the first time you connect and store that? But then of course, a wipe
and reinstall of the OS hoses that. Apple computers natively support it, but
Windows XP does not. (Not sure if Vista or
On 2 Sep 2011, at 16:33, Richard Gaskin wrote:
> So it occurs to me that before the authentication data is sent, the first
> request to the server app could be to ask for a token. This token would be a
> hash (probably SHA1) of the client app's IP address, the time in millisecs,
> and other a
If both ends support OpenSSH then can't you simply get the public key for the
machine the first time you connect and store that? But then of course, a wipe
and reinstall of the OS hoses that. Apple computers natively support it, but
Windows XP does not. (Not sure if Vista or Win7 have caught up
Bob Sneidar wrote:
What happens when you change the internet provider on either end? You need a
mechanism for re-establishing the link.
The system assumes the ISP won't be changed mid-session; the token is
used only for the current session.
--
Richard Gaskin
Fourth World
LiveCode trainin
What happens when you change the internet provider on either end? You need a
mechanism for re-establishing the link.
Bob
On Sep 2, 2011, at 9:33 AM, Richard Gaskin wrote:
> Andre Garzia wrote:
>> For the arbitrary data, use some shared secret between both instances, this
>> way, someone in th
Andre Garzia wrote:
For the arbitrary data, use some shared secret between both instances, this
way, someone in the middle can't fake the requests by simply knowing the IPs
and the milliseconds...
Just to clarify, they not only need to know the IP and milliseconds, but
must also spoof the IP a
But you would have to use a presumed shared secret and not store it. It
couldn't be something that was chosen by the end user in the process of
creating the key, because it would be discoverable.
Bob
On Sep 2, 2011, at 8:52 AM, Andre Garzia wrote:
> Richard,
>
> For the arbitrary data, use
Richard,
For the arbitrary data, use some shared secret between both instances, this
way, someone in the middle can't fake the requests by simply knowing the IPs
and the milliseconds...
On Fri, Sep 2, 2011 at 12:33 PM, Richard Gaskin
wrote:
> I need a lightweight embeddable solution for encrypti
I need a lightweight embeddable solution for encrypting socket traffic
between two LiveCode-based apps. This is peer-to-peer, so there is no
other software involved (no Apache or anything else), just two apps each
with an Internet connection, which may be anywhere in the world.
For the purpos
14 matches
Mail list logo