On Wed, Oct 21, 2009 at 12:26 PM, Argent Stonecutter <[email protected]> wrote: > On 2009-10-20, at 19:24, Ann Otoole wrote: >> Why are people so worried? Is there a problem with having to >> register like so many suggest content creators be "in good >> standing" (registered)? > > People are worried about having to jump through some kind of code > signing hoops every time they want to test a one line change.
I'm not _only_ worried about that, but also worried and commented on the blog, that this is easily forged, so a malicious viewer could pretend to be some other 3rd party viewer and get them banned/their viewer banned. This kind of authentication relies on "some kind" of secret being distributed with a viewer so the secret would be hackable out of the good viewers code for use by the bad viewer, or even directly taken out of the binary or sniffed on the wire. The closest this type of security (shared private key) has to working is when the secret is embedded in security ASICs and even this is not completely secure. _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/SLDev Please read the policies before posting to keep unmoderated posting privileges
