Harjit, The NT Logon Authentication (Windows Authentication) method should work with any native Windows user authentication mechanism, e.g. NT Domains, Active Directory, LDAP, etc.
Regards, Wez @ RealVNC Ltd. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Singh, > Harjit (Mission Systems) > Sent: 29 March 2005 18:22 > To: James Weatherall; [email protected] > Subject: RE: Question > > James, > > Correct me if I am wrong. I am assuming first an encrypted > session is setup using assymetric keys followed by server > authentication and windows authentication. Once all the > authentications are performed, it results in secured data > across the link. > > The server authentication for enterprise version of RealVNC > uses 2048 RSA for server along with 128 bit encryption for > link. In addition windows authentication is performed for a > user to validate user. > > 1. Could you use Sunmicrosystem LDAP one for windows user > authentication or not ? > > Thanks.. > > Harjit > > -----Original Message----- > From: James Weatherall [mailto:[EMAIL PROTECTED] > Sent: Tue 3/29/2005 11:47 AM > To: Singh, Harjit (Mission Systems); [email protected] > Cc: > Subject: RE: Question > > > > Harjit, > > The public/private key exchange *is* the server > authentication stage, and is > used as the bootstrap for the secure encrypted session. > > Please refer to my previous replies to your mailing > list messages regarding > the difference between server authentication, and > Windows Authentication. > > Yes, you can safely assume that this is all done securely. > > Regards, > > Wez @ RealVNC Ltd. > > > > -----Original Message----- > > From: Singh, Harjit (Mission Systems) > [mailto:[EMAIL PROTECTED] > > Sent: 29 March 2005 17:07 > > To: James Weatherall; [email protected] > > Subject: RE: Question > > > > James, > > In the email you sent, when does the process of server > > authentication take place. If server authentication takes > > place first, is that process encrypted? I am assuming that > > private/public key mechanism takes place in first place > > before even server authentication takes place. > > > > How is server authentication different than windows > > authentication. Could I assume safely that both server > > authentication and windows authentication are > performed securely? > > > > Is the encrypted link setup in beginning will be the same for > > data communication between viewer and server? > > > > Regards, > > Harjit Singh > > > > > > > > -----Original Message----- > > From: James Weatherall [mailto:[EMAIL PROTECTED] > > Sent: Tue 3/29/2005 10:52 AM > > To: Singh, Harjit (Mission Systems); > [email protected] > > Cc: > > Subject: RE: Question > > > > > > > > Harjit, > > > > VNC Enterprise Edition's user authentication phase is > > secure because it > > takes place only after a secure (encrypted, > > tamper-proof, etc) connection > > has been established between viewer and server. If > > session encryption is > > not required then it is disabled immediately that the > > authentication phase > > has completed. > > > > The older VNC Password authentication scheme is secure > > simply because it > > uses a challenge-response protocol to verify the user's > > password, rather > > than having to pass it from viewer to server. > > > > Regards, > > > > Wez @ RealVNC Ltd. > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf > Of Singh, > > > Harjit (Mission Systems) > > > Sent: 29 March 2005 15:40 > > > To: [email protected] > > > Subject: Question > > > > > > I am new to RealVNC and performing search on > it particularly > > > with respect to security issues. I will > appreciate if someone > > > could explain the process of communication > sequentially > > > between RealVNC viewer and RealVNC server. > The expalnation > > > should start from beginning when VNC viewer want to > > > communicate to server and cover all the > issues with respect > > > to authentication and encryption. I figured > from previous > > > emails that authentication is secure but > would like to know > > > what makes it secure. > > > > > > I will appreciate if someone could provide > their telephone > > > number to contact with if possible. > > > _______________________________________________ > > > VNC-List mailing list > > > [email protected] > > > To remove yourself from the list visit: > > > http://www.realvnc.com/mailman/listinfo/vnc-list > _______________________________________________ > VNC-List mailing list > [email protected] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
