Cyprien
Visitor
|
Re:Collected Documentation - 2008/04/10 15:22
Hello,
Crypt the entire conversation is (i think) not really usefull.
But for identification i think you can do something like that.
(If flash allow that)
load_var(httpS://www.example.com/login, user, pass)
and this securised page wills end you something like
UNIQUE_IDENT_ID
you will send this ident to palabre for identification like
connect login="toto" pass="unique-ident-id"
palabre will check in ident_table if
login=xx and unique_ident_id=yy
and then (why not) delete this record from database.
Like that, if someone listen your palabre conversation, he can't log-in with your unique-ident-id because it can be used only one time.
You will have secure authentification, and next a plain conversation, without using ressource for crypting/decrypt, etc...
If flash can't load https page with load_var you can put your application into a https page, that will show after a traditionnal login page (php/python (django)/etc...) with flash_application and a variable that containt login, room_to_connect (why not) and unique_ident_id
I was doing things like that for my project.
Authentification in php, and next an ID that link to this authentification in database.
|
DOWNLOAD
FORUM
FAQ
WHAT IS IT
