RE: Question

Singh, Harjit \(Mission Systems\) Tue, 29 Mar 2005 08:18:09 -0800

James,
In the email you sent, when does the process of server authentication take 
place.  If server authentication takes place first, is that process encrypted?  
I am assuming that private/public key mechanism takes place in first place 
before even server authentication takes place.  
 
How is server authentication different than windows authentication.  Could I 
assume safely that both server authentication and windows authentication are  
performed securely?
 
Is the encrypted link setup in beginning will be the same for data 
communication between viewer and server?
 
Regards,
Harjit Singh


        -----Original Message----- 
        From: James Weatherall [mailto:[EMAIL PROTECTED] 
        Sent: Tue 3/29/2005 10:52 AM 
        To: Singh, Harjit (Mission Systems); vnc-list@realvnc.com 
        Cc: 
        Subject: RE: Question
        
        

        Harjit,
        
        VNC Enterprise Edition's user authentication phase is secure because it
        takes place only after a secure (encrypted, tamper-proof, etc) 
connection
        has been established between viewer and server.  If session encryption 
is
        not required then it is disabled immediately that the authentication 
phase
        has completed.
        
        The older VNC Password authentication scheme is secure simply because it
        uses a challenge-response protocol to verify the user's password, rather
        than having to pass it from viewer to server.
        
        Regards,
        
        Wez @ RealVNC Ltd.
        
        
        > -----Original Message-----
        > From: [EMAIL PROTECTED]
        > [mailto:[EMAIL PROTECTED] On Behalf Of Singh,
        > Harjit (Mission Systems)
        > Sent: 29 March 2005 15:40
        > To: vnc-list@realvnc.com
        > Subject: Question
        >
        > I am new to RealVNC and performing search on it particularly
        > with respect to security issues. I will appreciate if someone
        > could explain the process of communication sequentially
        > between RealVNC viewer and RealVNC server.  The expalnation
        > should start from beginning when VNC viewer want to
        > communicate to server and cover all the issues with respect
        > to authentication and encryption.  I figured from previous
        > emails that authentication is secure but would like to know
        > what makes it secure.
        > 
        > I will appreciate if someone could provide their telephone
        > number to contact with if possible.
        > _______________________________________________
        > VNC-List mailing list
        > VNC-List@realvnc.com
        > To remove yourself from the list visit:
        > http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________
VNC-List mailing list
VNC-List@realvnc.com
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list

RE: Question

Reply via email to