> Scott mentions the difficulties of revoking a compromised key. In the
> context of VNC, how difficult does this have to be? Initial host-key
> exchange is done using a "key password" which can be changed by the
> user by physically sitting at the server (or by controlling it).
> sufficient 'pre-shared secret' to foil MITM attacks. The problem
>is...suppose you install the decryption key into 100 clients for 5
>different servers. And you learn after a month that the fourth
>private key has been stolen, and you have to revoke it. It's easy
>enough for machines you have physical control over, but for remote
>clients that you only know via email....how can they verify it's
>you emailing them? :) Really, digital-identity competition is
>terribly messy.
Most of us using VNC probably only have a few potential client machines for
our server. For example, I've got three machines at the office and three
machines at home that we use VNC with. All are within our immediate
control. Are we going to hold up this entire project to handle the last 5%
of the users, or go for the "80-20 rule solution". (No big deal either way
for me, as I'm already using OpenSSH to encrypt/compress all connections.)
Dave
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
