Re: [rfbhackers] Comments on RFB 4.0 draft

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Thursday 21 February 2002 00:13, Andrew van der Stock wrote:
> our encryption. However, many embedded / PDA platforms don't have an SSL
> library, which is why secsh is sort of nice as it provides three
> functions: authentication, transport (it supports channels), and strong
> encryption. SSL only provides encryption.

IMHO the question is what the minimum requirements for the target system are.
Today even PDAs come with SSL (at least the PocketPCs), and Palms will do so
sooner or later, too. Is encryption on Palms really a critical feature?

> There's still a potential for namespace clashes with a URI style. Whether a
> name is represented by 16 bits or 16 bytes, it's still possible to use the
> same values.

Not if you use the DNS namespace. BTW have you looked at BEEP (RFC 3080). It
is also relatively complex, but resembles the whole channel mechanism of the
RFB 4.0 draft (with URIs for channels and TLS for security features). If you
use BEEP all you have to define is a profile for the encodings and the
events. It is XML-based though.

bye...