> The way authentication is handled so far in IVAO ATC (IvAc) and pilot > (IvAp) clients is a connection popup window that lets you fill VID and > password, which you can retype every time you login, or check for > "remember me". Unfortunately I don't know much more of the internals > of the software, but if you need more detail, I can hand a list of > questions to Softdev directors before proceeding with the discussion. > Alternatively I can hand you a copy of the manuals (IvAc and IvAp) so > that you have an idea of what we are talking about. Anyway, I need to > know where I can send these manuals (3+ Mb) if you are interested. Encapsulating the properties into xml that is validated against a schema is nothing that has to be invented by us or IVAO but is ready and available, fast and secure. It should give enough security for the data exchange, provided that the schema is well designed. For the transport layer, there are many proven and rock solid implementations of authenticated, encrypted and reliable communication platforms available in the open source world to solve your need. SSH (to name just one) should do a great job for the transport layer. >From my point of view, it is much more secure to use documented, well tested and widely used protocols and mechanisms than to use a home brew implementation and try to fix all the bugs faster than others find them.
Good luck Torsten ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Flightgear-devel mailing list Flightgear-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/flightgear-devel
