Shared Half-Secret


#1

I have a program A (totally private) that talks to a program B (open
source). I would like to introduce some way to ensure B only listens
to the real A to avoid things like man-in-the-middle attacks.

Any good ideas about how I might accomplish this? Thanks.

James Edward G. II


#2

On Sat, Apr 18, 2009 at 02:48:32AM +0900, James G. wrote:

I have a program A (totally private) that talks to a program B (open
source). I would like to introduce some way to ensure B only listens to
the real A to avoid things like man-in-the-middle attacks.

SSL socket with certificate validation perhaps?


#3

On Apr 17, 2009, at 12:55 PM, Aaron P. wrote:

On Sat, Apr 18, 2009 at 02:48:32AM +0900, James G. wrote:

I have a program A (totally private) that talks to a program B (open
source). I would like to introduce some way to ensure B only
listens to
the real A to avoid things like man-in-the-middle attacks.

SSL socket with certificate validation perhaps?

Yeah, it does look like that’s all I really need. Great, I like
simple. Thanks for the idea.

James Edward G. II