From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII
X-Google-Thread: 103376,a79652a22930869
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2002-01-18 02:05:52 PST
Path: 
 archiver1.google.com!news1.google.com!newsfeed.stanford.edu!cyclone.bc.net!newsfeeds.belnet.be!news.belnet.be!news.tele.dk!small.news.tele.dk!129.240.148.23!uio.no!ntnu.no!not-for-mail
From: Preben Randhol <randhol+abuse@pvv.org>
Newsgroups: comp.lang.ada
Subject: Re: Ada program needs to ping another machine.
Date: Fri, 18 Jan 2002 10:05:51 +0000 (UTC)
Organization: Norwegian university of science and technology
Message-ID: <slrna4fstu.p4.randhol+abuse@kiuk0156.chembio.ntnu.no>
References: <slrna4bc3i.2cl.randhol+abuse@kiuk0156.chembio.ntnu.no>
 <uk7uiqalf.fsf@gsfc.nasa.gov> <U3D18.952$L25.16246@news4.ulv.nextra.no>
 <slrna4e7ah.ai1.randhol+abuse@kiuk0156.chembio.ntnu.no>
 <slrna4eeje.o3e.gisle@apal.ii.uib.no>
NNTP-Posting-Host: kiuk0156.chembio.ntnu.no
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Trace: tyfon.itea.ntnu.no 1011348351 5208 129.241.83.82 (18 Jan 2002
 10:05:51 GMT)
X-Complaints-To: usenet@itea.ntnu.no
NNTP-Posting-Date: Fri, 18 Jan 2002 10:05:51 +0000 (UTC)
User-Agent: slrn/0.9.7.3 (Linux)
Xref: archiver1.google.com comp.lang.ada:19039
Date: 2002-01-18T10:05:51+00:00
List-Id: <comp.lang.ada>

On 17 Jan 2002 20:56:14 GMT, Gisle S�lensminde wrote:
> 
> Cryptography is very difficult to get right, and you should not try to
> design it yourself but rely on existing. Even using existing technology
> is not without potential problems, and without understanding of how and
> why the system is secure you may make the system unsecure. 

Yes.

> I can think of several strategies for doing this
> 
> You could use the SSL/TLS protocol and flush the socket for each byte
> you type. The TLS protocol should be secure in this case as well. 
> Even though the TLS protocol is tcp-based, you should be able to use
> the protocol. This also make it possible to authenticate the peers
> at startup of the protocol. In practice you can use the openssl library
> to do the cryptography. The AWS web server use the openssl library to
> implement the TLS/SSL layer of the https protocol. You could use 
> the AWS source as an example. Another example is the kerberos protocol.
> I would recomend this strategy. 

I think so too. SSL is usually also installed on different systems so it
would be easier to use. 

Preben
-- 
 ()   Join the worldwide campaign to protect fundamental human rights.
'||}
{||'                                           http://www.amnesty.org/