21106: Re: [MUD-Dev] SSL vs. SASL (was: UDP Revisted)
From: Bruce Mitchener <bruce@puremagic.com>
Newsgroups: nu.kanga.list.mud-dev
Date: Tue, 16 Oct 2001 12:06:27 -0600
Organization: Kanga.Nu

amanda@alfar.com wrote:
> For example, let's say you want to use SSL for connection setup
> and "lobby" stuff, so that you don't have to reinvent that wheel
> (and once you have an established SSL connection, can exchange a
> key for encrypting game data). This way you can offload the SSL
> processing to a hardware SSL accelerator without investing a lot
> of time and energy into that aspect of the problem. For this,
> TCP's the way to go--reinventing SSL over UDP would not bring you
> any benefit.

Have you looked at SASL?

From http://asg.web.cmu.edu/sasl/:

  SASL is the Simple Authentication and Security Layer, a method
  for adding authentication support to connection-based
  protocols. To use SASL, a protocol includes a command for
  identifying and authenticating a user to a server and for
  optionally negotiating protection of subsequent protocol
  interactions. If its use is negotiated, a security layer is
  inserted between the protocol and the connection.

I'm not sure if it would map well onto a UDP-based protocol (it
would depend on the semantics of that protocol), but it might be
something better suited than trying to reinvent SSL-over-UDP.

SASL is an IETF standard and is being used in some other protocols
to provide authentication facilities (like the BEEP protocol).

- Bruce
_______________________________________________
MUD-Dev mailing list
MUD-Dev@kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev