Re: NSURLConnection and self-signed certs?
  • Subject: Re: NSURLConnection and self-signed certs?
  • From: Zack Morris <email@hidden>
  • Date: Sun, 13 Jun 2004 15:38:46 -0600

On Jun 13, 2004, at 12:12 PM, joe pezzillo wrote:

> I also realize that it is of course preferred to only access sites with validly signed/trusted certificates, but a) in practice, we don't always have that option with sites that are out there and b) even without the valid cert, those sites still provide encryption of the data in transit (yes?).

I am actually working with SSL using URLAccess so our games can communicate with our server and we can have scoring ladders and whatnot someday. The problem with not using known certs is that someone could get between you and the server, and you'd never know it. They could act as a go-between, and mangle the data. This seems far-fetched; we tend to think that there is nobody out on the net who would want to do this, or they would not be able to. But the odds go way up as soon as someone is behind a LAN at a college or business or whatnot, and especially if they happen to log in one day over AirPort at some cafe.

http://developer.netscape.com/tech/security/ssl/howitworks.html

I have a question of my own. I am thinking of putting some random data into my transactions to throw off would-be hackers, mainly because unencrypted data will probably be sent over TCP/UDP at some point for the actual game communication. This data will have come from the SSL stream, and I am wondering if mathematically, there is a way to recover an encryption key if you know a sequence of bytes in the stream, and it's always at the same position. For instance, imagine a stream where the first 128 bits were things like IP, port, player name, things that can be easily guessed or deduced. Is there a way to work backwards and reconstruct the key, because you know the first 128 bits (at least for 128-bit encryption)? If there is any risk at all, then I will put random data at the start and various places in the stream. Ideally I would like to encrypt traffic between players (like a layer over NetSprocket), but after reading this article, I think my attempts would probably leave numerous holes, so perhaps it's not worth it.

Thanx,

----------------------------------------------------------------------------
Zack Morris      Z Sculpt Entertainment      This Space
email@hidden     http://www.zsculpt.com      For Rent
----------------------------------------------------------------------------
If the doors of perception were cleansed, everything would appear to man as
it is, infinite. -William Blake, The Marriage of Heaven and Hell
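
The point raised in this message, that an unverified certificate still gives encryption but no protection against someone sitting between client and server, can be handled for a self-signed server by pinning its certificate. The following is an added example, not code from this thread or from NSURLConnection/URLAccess; it uses Python's standard `ssl` module, and the function names and the idea of shipping a SHA-256 fingerprint with the client are assumptions made for illustration.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def matches_pin(der_cert: bytes, pinned_hex: str) -> bool:
    """Constant-time comparison of the presented cert against the pinned value."""
    normalized = pinned_hex.replace(":", "").strip().lower()
    return hmac.compare_digest(fingerprint(der_cert), normalized)


def unauthenticated_context() -> ssl.SSLContext:
    """Weak setting on its own: encrypts, but accepts any certificate from any peer."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def connect_pinned(host: str, port: int, pinned_hex: str,
                   timeout: float = 10.0) -> ssl.SSLSocket:
    """Connect to a self-signed server, accepting only the pinned certificate."""
    # Chain validation is off because a self-signed cert has no trusted issuer;
    # the pin check below takes its place as the authentication step.
    ctx = unauthenticated_context()
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    der = tls.getpeercert(binary_form=True)
    if der is None or not matches_pin(der, pinned_hex):
        tls.close()
        raise ssl.SSLError("server certificate does not match pinned fingerprint")
    return tls  # send application data only after this point
```

The pinned fingerprint has to reach the client over a channel the go-between cannot alter, for example compiled into the application.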