Would it make sense to encrypt the connection between the client and the server? I'm particularly concerned about the sending of passwords in plaintext, as they're probably the same as other user passwords in most cases.

It would be fairly simple to wrap the server side with stunnel, but without built-in client support, this wouldn't do any good.

I've never used OpenSSL or similar libraries, but that would seem like the right approach. I doubt that the added overhead would cause latency or CPU load issues.

