Re: Misc notes/thoughts.

To: Matt Cortes <link@alpha.pulsar.net>, GESTIONNAIRE DU Casino <casino@jsp.umontreal.ca>
Subject: Re: Misc notes/thoughts.
From: "Mark Wedel" <mwedel@pyramid.com>
Date: Thu, 14 Dec 1995 18:18:05 -0800
Cc: "Michael B. Martin" <martinm@mbmartin.bevc.blacksburg.va.us>, crossfire@ifi.uio.no
In-Reply-To: Matt Cortes <link@alpha.pulsar.net> "Re: Misc notes/thoughts." (Dec 14, 11:49am)
References: <Pine.LNX.3.91.951214114102.14417B-100000@alpha.pulsar.net>

On Dec 14, 11:49am, Matt Cortes wrote:
> Subject: Re: Misc notes/thoughts.
>
> Actually.  That is handled quite easily with Netrek.  Its true they don't
> share player information with other servers (I'll work on them soon too
> <G>), but they let people write their own clients, and there are clients
> that are made for the purpose of cheating, called Borg Clients.  Anyway,
> we then have what is called RSA Blessed clients and servers.  Basicly you
> can make all the clients you want, and run them on servers that don't
> insist on Blessed clients.  But if you want to make a client to run on
> all servers, the code needs to be approved, etc.  What I'm purposing here
> is that each player file be encrypted with a server key.  If I go and
> play on your server, then later I want to move to another server, say
> popular.edu, it will read my player file, find a server key that is not
> in its list of keys, and refuse my player file.  Basicly, each server has
> a list of keys they accept and/or don't accept (whatever the owner of the
> server wants) and it'll check for that key in the player file.  From that
> point maybe we could go a step further and the server that now approves
> of this player file sends it its server key, and so forth.  SO then if I
> move to popular2.edu which also doesn't support your server, so it
> refuses the first key listed, it does support popular.edu's key and lets
> me play, as well as writes its key to the player file.
>
> SO  um..  still sound stupid? :>
>
> -Matt
>
>-- End of excerpt from Matt Cortes

 As I previously said, the client/server model for crossfire was designed with
the assumption that clients are not secure - thus no extra information other
than the player should know about will be sent to the client.

 I do not ever expect to see this change - it has already been designed and
implemented this way, and I really doubt we will re-write it in any fashion.

 Also, it seems that having blessed clients actually hurts expandibility.  If a
Java client is done, can you ever really make it secure?

 Likewise, it means that clients for all machines must be compiled by a secure
person and stored in some place.

 But mainly, I fail to see any good reason why crossfire client should really
be sent non known data.

 And as previously said, in the crossfire player file you often have lots of
information that the player does not know about.  Is the same true with netrek
save files?

-- 
 --Mark

References:
- Re: Misc notes/thoughts.
  - From: Matt Cortes <link@alpha.pulsar.net>

Prev by Date: Re: reading books, another idea I am working on
Next by Date: Re: Sounds (various ideas - long)
Prev by thread: Re: Misc notes/thoughts.
Next by thread: Re: Misc notes/thoughts.
Index(es):
- Date
- Thread