Re: socketServer questions

From: Paul Rubin <http://phr.cx@xxxxxxxxxxxxxx>
Date: 08 Oct 2005 14:09:00 -0700

rbt <rbt@xxxxxxxxxxxxxxxxx> writes:
> Off-topic here, but you've caused me to have a thought... Can hmac be
> used on untrusted clients? Clients that may fall into the wrong hands?
> How would one handle message verification when one cannot trust the
> client? What is there besides hmac? Thanks, rbt

I don't understand the question. HMAC requires that both ends share a
secret key; does that help? What do you mean by verification? Do you
mean you want to make sure that's really Bob logging into your
computer, even when Bob might have intentionally given his password to
someone else? It sounds like you want something like DRM. What
exactly are you trying to do?
.

Follow-Ups:
- Re: socketServer questions
  - From: rbt

References:
- socketServer questions
  - From: rbt
- Re: socketServer questions
  - From: Paul Rubin
- Re: socketServer questions
  - From: rbt
- Re: socketServer questions
  - From: Paul Rubin
- Re: socketServer questions
  - From: rbt

Prev by Date: Re: Daisy Daisy, give me your answer do
Next by Date: Re: Jargons of Info Tech industry
Previous by thread: Re: socketServer questions
Next by thread: Re: socketServer questions
Index(es):
- Date
- Thread

Relevant Pages

Re: socketServer questions
... Clients that may fall into the wrong hands? ... What is there besides hmac? ... I'm trying to keep script kiddies from tampering with a socket server. ... understanding it and then being able to forge a string that the server ...
(comp.lang.python)
Re: socketServer questions
... >> The server just logs data, ... >> want some script kiddie discovering it and trying to 'hack' it. ... > authenticate the records with the hmac module. ... Clients that may fall into the wrong hands? ...
(comp.lang.python)