[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-panel-devel
Subject:    Re: Network transparancy api review.
From:       "Aaron J. Seigo" <aseigo () kde ! org>
Date:       2009-06-24 2:16:34
Message-ID: 200906232016.43012.aseigo () kde ! org
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


On Tuesday 23 June 2009, Rob Scheepmaker wrote:
> On Tuesday 23 June 2009 19:42:55 Fabrizio Montesi wrote:
> > On Tue, Jun 23, 2009 at 7:05 PM, Rob Scheepmaker <
> >
> > r.scheepmaker@student.utwente.nl> wrote:
> > > Hello everybody,
> > >
> > > [cut]
> >
> > Hi Rob,
> > just a quick comment about identifying remote machines. What about
> > combining public key authentication with the bluetooth pairing method
> > (the host writes a PIN, the client is asked for the PIN, the two PINs
> > must match)?
> > This way if the user is too lazy to check the public key we reduce
> > greatly the attacker's possibilities. Using this approach we'd have to
> > face the fact that a lazy user could write "1234" as a PIN, too: the host
> > side UI for writing the PIN should warn the user that things like "1234"
> > are not such a good idea.
>
> A quite good idea. So the first time we receive a new key we ask for a
> password at both sides which have to match. And if the key is already there
> then this step isn't necesarry. I'll think about how to integrate this
> nicely with the api.

this only works, of course, when there's a human pairing the two devices that 
are within reach/sight. it must also be possible for one side of the 
transaction to be a machine hidden in a wall. :)

-- 
Aaron J. Seigo
humru othro a kohnu se
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA  EE75 D6B7 2EB1 A7F1 DB43

KDE core developer sponsored by Qt Software


["signature.asc" (application/pgp-signature)]

_______________________________________________
Plasma-devel mailing list
Plasma-devel@kde.org
https://mail.kde.org/mailman/listinfo/plasma-devel


[prev in list] [next in list] [prev in thread] [next in thread]