On Fri, 28 Mar 2008 17:39:45 +0100, Frans Bouma <[EMAIL PROTECTED]> wrote:
> THis isn't a lame attempt to be funny, but what is this 'shared secret' > exactly? A license key? > > Because as mentioned before, a secret that's shared isn't really a secret. > Could you explain some more details about what this secret is all about? I can give you a fictitious example instead: you have a server which computes digits of Pi, and you want to distribute your Pi Computing Client to Pi-digit-hungry users all over the world, but you don't want the hassle of individual "registration keys". Since your Pi Computing Service should only serve your application, not your old arch-enemy Bans Frouma's rival application "Pi Komputing Klient", requests from your client to your server should be signed. What you want: the key used for signing available to your client, so it can sign messages so your Pi Computing Service knows they're the real deal. What you don't want: the key used for signing is available to anyone who installs your client, so Bans Frouma can get at it and use it in his Pi Komputing Klient. =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
