> On Fri, 28 Mar 2008 17:39:45 +0100, Frans Bouma <[EMAIL PROTECTED]> wrote:
>
> > THis isn't a lame attempt to be funny, but what is this 'shared secret'
> > exactly? A license key?
> >
> > Because as mentioned before, a secret that's shared isn't really a secret.
> > Could you explain some more details about what this secret is all about?
>
> I can give you a fictitious example instead: you have a server which
> computes digits of Pi, and you want to distribute your Pi Computing Client
> to Pi-digit-hungry users all over the world, but you don't want the hassle
> of individual "registration keys". Since your Pi Computing Service should
> only serve your application, not your old arch-enemy Bans Frouma's rival
> application "Pi Komputing Klient", requests from your client to your server
> should be signed.
>
> What you want: the key used for signing available to your client, so it can
> sign messages so your Pi Computing Service knows they're the real deal.
>
> What you don't want: the key used for signing is available to anyone who
> installs your client, so Bans Frouma can get at it and use it in his Pi
> Komputing Klient.
So that's a typical client-side certificate SSL connection. THe TS
should read into that how that's done with public/private keypairs.
FB
===================================
This list is hosted by DevelopMentorĀ® http://www.develop.com
View archives and manage your subscription(s) at http://discuss.develop.com
