2011/9/26 Folkert van Heusden <[email protected]>: > Imho authentication only makes sense with encryption as well. > And also: nbd should be in a seperate vlan where it doesn't interfere > (due to heavy bandwidth usage) with other protocols and vice versa.
There are several reasons for cryptography as commonly implemented: safety against modification (checksums), proof of identity (signatures), authentication (password transfer over encrypted channel, if not done through signature), and the actual encryption. If there exists an alternative secure channel to share secrets between the server and client, no public key cryptography is needed; if the secrets are not sent over but only used as input for hashes through a challenge-response scheme (and the actual data payload is already encrypted), then there needs to be no encryption to hide the secrets. What remains is safety against modification, which means the payload has to be hashed. See my other mail for some less convoluted wording. Christian. ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Nbd-general mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nbd-general
