Hello Scott, I would review the scenario you mentioned and what I understand is that I will have see if the model described by you is how a security model works. I will also try to go through the earlier mails in this list to know more about Kaboodle and Zebedee
Thanks, Meenakshi On Sun, 8 Dec 2002 16:00:36 -0800 (PST), "meenakshi arora" <[EMAIL PROTECTED]> said: > > --- "Scott C. Best" <[EMAIL PROTECTED]> wrote: > > Date: Sat, 7 Dec 2002 21:52:57 +0000 (GMT) > > From: "Scott C. Best" <[EMAIL PROTECTED]> > > To: meenakshi arora <[EMAIL PROTECTED]> > > CC: [EMAIL PROTECTED] > > Subject: Kaboodle VPN overview > > > > Meenakshi: > > > > Hello! The biggest limitation of the current VPN > > feature > > is the lack of peer review. :) That is, I believe it > > works as follows: > > > > 1. User1 on LAN1 downloads Kaboodle and registers > > its VPN capabilities > > at www.GetEngaged.net. That is, they download a > > "registration > > file", essentially a signed secret-key. > > 2. User2 on LAN2 does the respective thing for their > > network. > > 3. User1 on LAN1 creates a Partnership file with > > User2 on the same > > site. Both users download and install the > > Partnership file, > > essentially a signed public key. > > 4. USer1 or User2 then initiate a connection. > > Kaboodle does a > > Gnutella search for the Partnership file > > associated with the > > connection. Once the file is found, it is > > authenticated on both > > sides using the secret-key information from #1. > > 5. After authentication, a "control channel" is > > setup using TCP port > > 4282. An 16-char random string is transferred > > across this channel. > > 6. Using that string as a symmetric password, a > > Zebedee connection > > is initiated from one side to the other, using a > > user-defined > > TCP port (defaults to 11965, the Zebedee > > default). > > 7. All data transactions now go across this "data > > channel". > > > > Version 0.99 (which you can get from the "alpha" > > directory > > on ftp.Kaboodle.org) should do all of this. I know > > that using that > > connection, I can do all of the above and then VNC > > across the secure > > connection (I can see from tcp-dumping the LAN > > traffic that the > > right ports are being used). I have just not > > *confirmed* that the > > security model works exactly as I have specified > > above. One of the > > coders may have, unknowingly, taken a shortcut in > > the interest of > > functionality. > > Would you be able to review such a thing? > > > > thanks, > > Scott > > > > PS: It'd be great if you could join the > > Kaboodle-devel email list. > > I've CC'd it here in my reply. > > > > On Fri, 6 Dec 2002, meenakshi arora wrote: > > > > > Hello Scott, > > > Could you please send me the list of current > > > limitations of the VPN feature which I can start > > > working on. Also If you could send me other > > features > > > limitaions too I would like to review them. > > > > > > I would be needing your guidance to chose a > > direction > > > to start. > > > > > > Thanks, > > > Meenakshi > > > > > > > __________________________________________________ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > http://mailplus.yahoo.com > -- Meenakshi Vohra [EMAIL PROTECTED] -- http://fastmail.fm - One of many happy users: http://www.fastmail.fm/docs/quotes.html ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Kaboodle-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/kaboodle-devel
