Quoting . . <msucka0xff at programmer.net>:

> I have new RSA keys that need to be added to the metaserver key
> list. 

I won't add them.  And by the way, the Java mkkey seems to be making
keys formatted incorrectly.  I've had to edit all of them by hand.

> I redesigned the applet so that the RSA keys are
> internal to the remote Java VM that runs on my linux server.

Now your redirector is blessed, but not the clients that the user
runs.  The user can write an info borg to his heart's content and let
you authenticate him by calling your RSA function.  True, its not
likely to happen by tonight, but its the principle of the thing.

And before you say "But I can authenticate my clients!"  You will have
the same problem RSA authentication has.

The point of internal keys is to bless the binary and to make some
effort to be sure the binary is the same as what we distributed.
Moving the key out of the .jar doesn't do that.

There seems to be no practical way to bless Java apps at the moment,
so no Java keys will be added for now.

That's not to say you can't convice the server god to add it manually.

Your key should look like this, btw:

Obstreks-RSA-Key-Java1.4.2_02:ct=Obstrek:cr=msucka0xff at programmer.net:\
   :cd=March 2004:ar=Java1.4.2_02:cl=inl,standard2:\ 
   :cm=Some random comment here:\ 
   :gk=b1183209e283c57baac600b893e4457780d5dbe897e72271f8f4e275bc8bf725:\
   :pk=197118a5329b1f04917ce899df47dfba20017d2fa965e5f6e474d04cc5c14a25:

The key you sent me won't be able to connect anywhwere.

--Carlos V.



_______________________________________________
vanilla-devel mailing list
vanilla-devel at us.netrek.org
https://mailman.real-time.com/mailman/listinfo/vanilla-devel