From: Arnt K. <ar...@c2...> - 2008-11-10 14:22:49
|
On Mon, 10 Nov 2008 09:45:00 +0000 (UTC), Martin wrote in message <gf8vqs$tsa$1...@os...>: > "Pep Ribal" wrote: > > 2008/11/10, Martin Spott <Mar...@mg...>: > > > I agree that concealing the protocol specs doesn't avoid the > > possible hacks, but just makes it harder or postpones them. > > Heh, getting a clue about your favourite network monitor's output is > probably not much harder than reading your fellow's source code :-) > So the sole reason for not publishing the protocol is just to raise > the bar a tiny little bit higher ? ..web pages can be construed as signals under the http etc protocols, and can be checked at http://validator.w3.org/ and http://jigsaw.w3.org/css-validator/ etc to verify they comply to these protocols. ..similarly, signals under your IVAO and our own protocols can be checked in the same fashion, preferably automatically, and that way help raise the security bar higher up. ..with 2 competing protocols, one public and verifiable, and another, closed and and therefore _not_ verifiable, well, ;o) may the best one win. ;o) > If you/we aim at convincing IVAO stuff to allow for the use of > FlightGear's native protocol and to maintain the suggestion of some > dubious "security" feeling, then we need to know what we're actually > talking about .... and there are certainly dozends more questions of > this nature which become relevant the closer we get to the point. -- ..med vennlig hilsen = with Kind Regards from Arnt... ;o) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. |