James,
Correct me if I am wrong. I am assuming first an encrypted session is setup
using assymetric keys followed by server authentication and windows
authentication. Once all the authentications are performed, it results in
secured data across the link.
The server authentication for enterprise version of RealVNC uses 2048 RSA for
server along with 128 bit encryption for link. In addition windows
authentication is performed for a user to validate user.
1. Could you use Sunmicrosystem LDAP one for windows user authentication or
not ?
Thanks..
Harjit
-----Original Message-----
From: James Weatherall [mailto:[EMAIL PROTECTED]
Sent: Tue 3/29/2005 11:47 AM
To: Singh, Harjit (Mission Systems); [email protected]
Cc:
Subject: RE: Question
Harjit,
The public/private key exchange *is* the server authentication stage,
and is
used as the bootstrap for the secure encrypted session.
Please refer to my previous replies to your mailing list messages
regarding
the difference between server authentication, and Windows
Authentication.
Yes, you can safely assume that this is all done securely.
Regards,
Wez @ RealVNC Ltd.
> -----Original Message-----
> From: Singh, Harjit (Mission Systems) [mailto:[EMAIL PROTECTED]
> Sent: 29 March 2005 17:07
> To: James Weatherall; [email protected]
> Subject: RE: Question
>
> James,
> In the email you sent, when does the process of server
> authentication take place. If server authentication takes
> place first, is that process encrypted? I am assuming that
> private/public key mechanism takes place in first place
> before even server authentication takes place.
>
> How is server authentication different than windows
> authentication. Could I assume safely that both server
> authentication and windows authentication are performed securely?
>
> Is the encrypted link setup in beginning will be the same for
> data communication between viewer and server?
>
> Regards,
> Harjit Singh
>
>
>
> -----Original Message-----
> From: James Weatherall [mailto:[EMAIL PROTECTED]
> Sent: Tue 3/29/2005 10:52 AM
> To: Singh, Harjit (Mission Systems); [email protected]
> Cc:
> Subject: RE: Question
>
>
>
> Harjit,
>
> VNC Enterprise Edition's user authentication phase is
> secure because it
> takes place only after a secure (encrypted,
> tamper-proof, etc) connection
> has been established between viewer and server. If
> session encryption is
> not required then it is disabled immediately that the
> authentication phase
> has completed.
>
> The older VNC Password authentication scheme is secure
> simply because it
> uses a challenge-response protocol to verify the user's
> password, rather
> than having to pass it from viewer to server.
>
> Regards,
>
> Wez @ RealVNC Ltd.
>
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of Singh,
> > Harjit (Mission Systems)
> > Sent: 29 March 2005 15:40
> > To: [email protected]
> > Subject: Question
> >
> > I am new to RealVNC and performing search on it particularly
> > with respect to security issues. I will appreciate if someone
> > could explain the process of communication sequentially
> > between RealVNC viewer and RealVNC server. The expalnation
> > should start from beginning when VNC viewer want to
> > communicate to server and cover all the issues with respect
> > to authentication and encryption. I figured from previous
> > emails that authentication is secure but would like to know
> > what makes it secure.
> >
> > I will appreciate if someone could provide their telephone
> > number to contact with if possible.
> > _______________________________________________
> > VNC-List mailing list
> > [email protected]
> > To remove yourself from the list visit:
> > http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
