Nikos Mavrogiannopoulos wrote:
>> The easiest solution seems to sign a hash value of every package with an
>> asymmetric public key and check this signature at the
>> receiver/retransmitter.
> Actually you cannot use TLS as a protocol since you don't have peer to
> peer communication to perform a handshake. You could use
> gnutls_x509_privkey_sign_data() and verify_data().

However you must know that replay/reordering attacks and maybe others are
possible, so care must be taken to avoid those if they apply. It might be
better to check if there is already a protocol for signing broadcasted
data, and follow that.

regards,
Nikos

_______________________________________________
Help-gnutls mailing list
http://lists.gnu.org/mailman/listinfo/help-gnutls
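
The replay/reordering caveat in the message above, as an added example that is not part of the original post or of GnuTLS: a receiver-side sliding-window check on a per-sender sequence number. It assumes each packet carries a 64-bit sequence number that is covered by the signature and that the signature has already been verified; `replay_state`, `replay_accept` and the window size of 64 are hypothetical choices.

```c
#include <stdint.h>
#include <stdio.h>
/* Added example: replay_state/replay_accept are illustrative names,
 * not GnuTLS API. */
#define WINDOW 64  /* how far behind the newest packet we still accept */

/* Receiver state for one sender (one public key). */
struct replay_state {
    uint64_t highest;  /* highest sequence number accepted so far */
    uint64_t seen;     /* bit i set => (highest - i) already accepted */
    int started;       /* 0 until the first packet is accepted */
};

/* Call only AFTER the signature over (seq || payload) has verified.
 * Returns 1 if the packet is fresh and records it, 0 for a replay or
 * for a packet too old to judge. */
int replay_accept(struct replay_state *st, uint64_t seq)
{
    if (!st->started) {
        st->started = 1;
        st->highest = seq;
        st->seen = 1;
        return 1;
    }
    if (seq > st->highest) {           /* newer packet: slide the window */
        uint64_t shift = seq - st->highest;
        st->seen = (shift >= WINDOW) ? 0 : (st->seen << shift);
        st->seen |= 1;
        st->highest = seq;
        return 1;
    }
    uint64_t age = st->highest - seq;
    if (age >= WINDOW)
        return 0;                      /* older than the window: reject */
    if (st->seen & ((uint64_t)1 << age))
        return 0;                      /* already accepted once: replay */
    st->seen |= (uint64_t)1 << age;    /* reordered but new: accept once */
    return 1;
}

int main(void)
{
    /* Constructed arrival order: reordering, a replayed 5, a stale 100. */
    uint64_t arrivals[] = { 5, 7, 6, 5, 200, 100 };
    struct replay_state st = { 0, 0, 0 };
    for (size_t i = 0; i < sizeof arrivals / sizeof arrivals[0]; i++)
        printf("seq %llu -> %s\n", (unsigned long long)arrivals[i],
               replay_accept(&st, arrivals[i]) ? "accept" : "drop");
    return 0;
}
```

The check tolerates reordering inside the window but does not restore order; a receiver that needs in-order delivery must buffer or drop late packets itself.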
