• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: authenticating peers
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: authenticating peers

  • Subject: Re: authenticating peers
  • From: Jens Alfke <email@hidden>
  • Date: Fri, 28 May 2010 19:34:20 -0700
On May 28, 2010, at 6:59 PM, Michael Ash wrote:

> An attacker can execute a man-in-the-middle attack...
> An attacker can simply impersonate your app...
> Neither of these can be defended against, even theoretically, when communicating peer-to-peer.

Not true; if you use SSL or some equivalent, both peers can use certificates to identify themselves. This works if either (a) the certs are signed by a reputable authority (as in the traditional use of SSL by web servers), or if (b) each peer has previously verified the other’s identity and remembered the cert (as is done by SSH.)

GameKit doesn’t do anything like this, though, although I can’t say for sure because Apple’s never published any information about the protocol used (to my knowledge).

—Jens_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: authenticating peers
      • From: Michael Ash <email@hidden>
References: 
 >isKindofClass with NSData and NSKeyUnarchiver (From: Philip Vallone <email@hidden>)
 >Re: isKindofClass with NSData and NSKeyUnarchiver (From: Ken Thomases <email@hidden>)
 >Re: isKindofClass with NSData and NSKeyUnarchiver (From: Graham Cox <email@hidden>)
 >Re: isKindofClass with NSData and NSKeyUnarchiver (From: Philip Vallone <email@hidden>)
 >Re: isKindofClass with NSData and NSKeyUnarchiver (From: Uli Kusterer <email@hidden>)
 >Re: isKindofClass with NSData and NSKeyUnarchiver (From: Jens Alfke <email@hidden>)
 >Re: isKindofClass with NSData and NSKeyUnarchiver (From: Philip Vallone <email@hidden>)
 >Re: isKindofClass with NSData and NSKeyUnarchiver (From: Michael Ash <email@hidden>)

  • Prev by Date: Re: NSURLConnection weirdiness
  • Next by Date: Help w/ first step of creating Help Book for app
  • Previous by thread: Re: isKindofClass with NSData and NSKeyUnarchiver
  • Next by thread: Re: authenticating peers
  • Index(es):
    • Date
    • Thread