Argent Stonecutter wrote: > The proposed solutions are these: > > 1. add a signature to each packet. > 2. encrypt each packet > 3. transfer money-related packets over SSL > 4. wrap the entire session in an IPSEC layer > > Of these, I think option 3 is most secure, most standards-compliant, > and lowest overhead. It would also be likely to increase the > reliability of money transactions at the cost of some increased > latency. Since money transactions are not real-time events, and even > many seconds of additional latency is acceptable, there's no reason > not to use it. Option 3 also gives choices for stronger authentication.
-- Tateru Nino http://www.massively.com/ _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/SLDev Please read the policies before posting to keep unmoderated posting privileges
