The UK Home Automation Archive

Archive Home
Group Home
Search Archive


Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Project] Kbd/LCD device


  • To: ukha_d@xxxxxxx
  • Subject: Re: [Project] Kbd/LCD device
  • From: patrickl@xxxxxxx
  • Date: Tue, 05 Jun 2001 08:01:46 -0000
  • Delivered-to: rich@xxxxxxx
  • Delivered-to: mailing list ukha_d@xxxxxxx
  • Mailing-list: list ukha_d@xxxxxxx; contact ukha_d-owner@xxxxxxx
  • Reply-to: ukha_d@xxxxxxx

--- In ukha_d@y..., "James Hoye" <james.hoye@s...> wrote:
> This email was delivered to you by The Free Internet,
> a Business Online Group company. http://www.thefreeinternet.net
> ---------------------------------------------------------------
> > 3. Do we need an application level checksum to verify the
integrity
> > of each command? This would prevent the use of a simple telnet
> > session to interact with a device (unless it was optional/could
be
> > turned off). Should mis-formatted commands simply be ignored or
>
> What would be neat is some sort of digital signature to guarantee
the
> authenicity of commands/packets.  Perhaps this should be catered
for in the
> protocol definition, rather than in the device data itself.

Nice idea. I _think_ a digital signature would have to be mandatory
across all devices to be meaningful security wise which is a bummer
because cross certification is expensive in software terms. An
alternative scheme is to use a trusted proxy arrangement with the
proxy pointing to the outside world which understands
DS/certificates/etc. and trust all devices within your LAN. Of course
if the proxy or LAN is compromised you're buggered.
Patrick




Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/




Home | Main Index | Thread Index

Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.