On Tue, Dec 16, 2008 at 3:33 PM, Tateru Nino <[email protected]> wrote: > The current protocol would mean that you couldn't rely on any cipher > block-chaining, mind. The packets can arrive out of order, and it is not > critical if some are missed, as currently specified - but the overhead > for a simple symmetrical cipher with a periodic key-exchange would be > quite low.
Yes of cause, each packet would have to be encrypted and decrypt-able with out any other packet dependencies due to the uncertain nature of UDP delivery. I quite like Argent's suggestion of encrypting the whole packet as this would not increase bandwidth as a signature would and you get small increase in privacy as a side effect, unable to sniff UDP packets without knowing the current key, so for debugging purposes you could still use SLproxy if it was able to cache the keys retrieved by caps and do the decode on the UDP and I guess for wider spread test systems eg OpenSims etc could could always rig a know decode key if you needed to sniff packets from multiple systems. Having some kind of assurance of the UDP packet source is also good for OGP/Hypergrid type situations as it makes sure the connection is authorized by at least what ever is providing the keys via caps. Robin _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/SLDev Please read the policies before posting to keep unmoderated posting privileges
