<URL: http://bugs.freeciv.org/Ticket/Display.html?id=39957 >
Madeline Book wrote: > I am slightly confused here in that you change subject to the database > auth code (i.e. server/auth.[ch]) - I assume you meant the hack > mechanism. > No, I was looking at the auth code. > ... I have on more than one occasion been tempted to add a > dependence on libssl, e.g. so that even the server operator could > be considered an "untrusted party". > That would be better in some ways, but SSL/TLS involves a different problem space. I'm doubtful that we need encrypted communications, with a complete Diffie-Hellman key agreement protocol. If we did, I'd add Photuris instead.... In this case, CHAP will be OK. > With respect to preserving the hack mechanism, it is unlikely that > someone would only upgrade their client and not also their server, > so it would be safe to remove for future versions. ... > Since 2.1 clients will never be able to access 2.2 servers (they will die() on the unrecognized terrain land and water), that's a good time to introduce a replacement. Thanks you for your background information. _______________________________________________ Freeciv-dev mailing list Freeciv-dev@gna.org https://mail.gna.org/listinfo/freeciv-dev
