I have a server macOS app which publishes a service via NSNetService.
And a client iOS app which finds this service via NSNetServiceBrowser.
Then the client sends commands to the server via NSOutputStream and receives
data from the server via NSInputStream.
All this works fine - but there is currently no security at all.
I would like to achieve these goals:
1. (important) the client really wants to know that:
(1a) it is talking to the right server and not to some evil entity
masquerading as the real server.
(1b) the data it receives has not been tampered with on the way.
2. (less important) the server might want to know that the client connecting to
it is a valid client.
This might help if there are thousands of fake clients overwhelming the
server with fake requests.
But this is a kind of unlikely scenario.
3. (hardly important at all) no one can read the data exchanged.
The data exchanged it really not sensitive.
I have no experience with security.
Can anybody point me in the right direction?
Gerriet.
_______________________________________________
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
