Asp Forum - Shared Half-Secret

James Gray

4/17/2009 5:49:00 PM

I have a program A (totally private) that talks to a program B (open
source). I would like to introduce some way to ensure B only listens
to the real A to avoid things like man-in-the-middle attacks.

Any good ideas about how I might accomplish this? Thanks.

James Edward Gray II

2 Answers

Aaron Patterson

4/17/2009 5:56:00 PM

On Sat, Apr 18, 2009 at 02:48:32AM +0900, James Gray wrote:
> I have a program A (totally private) that talks to a program B (open
> source). I would like to introduce some way to ensure B only listens to
> the real A to avoid things like man-in-the-middle attacks.

SSL socket with certificate validation perhaps?

--
Aaron Patterson
http://tenderlovem...

James Gray

4/17/2009 6:02:00 PM

On Apr 17, 2009, at 12:55 PM, Aaron Patterson wrote:

> On Sat, Apr 18, 2009 at 02:48:32AM +0900, James Gray wrote:
>> I have a program A (totally private) that talks to a program B (open
>> source). I would like to introduce some way to ensure B only
>> listens to
>> the real A to avoid things like man-in-the-middle attacks.
>
> SSL socket with certificate validation perhaps?

Yeah, it does look like that's all I really need. Great, I like
simple. Thanks for the idea.

James Edward Gray II

comp.lang.ruby

Shared Half-Secret

James Gray

Aaron Patterson

James Gray

x Login to ForumsZone