> I'd love to see the backend connection to the directory server being > run through an SSL tunnel. Not being a programmer, though, I don't know of > the scope of effort it would take to implement that. Something for Jack to > answer.It would take a bit of effort. And it would also be totally useless. What benefit would it provide? You're publishing the information publically anyway :) jack. --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
> A fully-encrypted connection would nearly eliminate the possibility of a > man-in-the-middle attack either hijacking the session or surreptitiously > switching bits mid-stream and changing the traffic on the fly.A man-in-the-middle attack is not easy to pull off. If you can show me why some person would be incented to attack someone like this, then maybe there is a case for it. As it stands, if you want to change the data, it's much easier to break into the directory server itself than it would be to perform a man in the middle attack in my opinion. Or easier to break into the source computer and do it there. I see no reason why anyone would go to such great lengths to alter the data in question. jack. --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Oct 17, 2001 at 08:42:57PM -0600, Jack Moffitt wrote:> It would take a bit of effort. And it would also be totally useless. > What benefit would it provide? You're publishing the information > publically anyway :)A fully-encrypted connection would nearly eliminate the possibility of a man-in-the-middle attack either hijacking the session or surreptitiously switching bits mid-stream and changing the traffic on the fly. - -- "Nothing's the same anymore." - Cmdr. Jeffrey Sinclair, Babylon-5, "Chrysalis" -----BEGIN PGP SIGNATURE----- Comment: For info see http://www.gnupg.org iD8DBQE7zkMsAmwSMwnpLHgRAsu+AJ4zqAdOl/YvLINaOq0V/w10BWOL2wCgqzSY AfgoZN1otmDH7CTHcEfDU/k=Rei/ -----END PGP SIGNATURE----- --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.