| Subject | Re: [Firebird-Architect] RC4 |
|---|---|
| Author | Adriano dos Santos Fernandes |
| Post date | 2010-11-14T22:29:27Z |
On 14-11-2010 20:23, Jim Starkey wrote:
described is far from this because it's susceptible to one of the most
common attacks: man in the middle.
If I'm connecting on the server of man LAN and the side guy intercept
the traffic since the connection start, he can sniff all the connection.
Is this something out the requirements being discussed?
You're scheme just protect established connections. It don't protect the
connection start.
Adriano
>I understood it's being discussed a secure remote protocol. What you
> Is it your position that certificates should be part of the Firebird
> security architecture, or this is just another random objection to doing
> something?
>
described is far from this because it's susceptible to one of the most
common attacks: man in the middle.
If I'm connecting on the server of man LAN and the side guy intercept
the traffic since the connection start, he can sniff all the connection.
Is this something out the requirements being discussed?
You're scheme just protect established connections. It don't protect the
connection start.
Adriano