Oh. Okay. I'll check it out once. I'm pretty new to all this so I didn't know this is how SSL works.
iamak
joined 2 years ago
First of all thanks for the very detailed response. I have a few questions.
-
Like you said, why not use public key cryptography? Why is it not well supported for web-apps?
-
Why not use something like Diffie-Hellman algorithm to share the password? Signal protocol uses ECDHE so I am assuming that it's safe against mitm which the base Diffie-Hellman is vulnerable to (I might be wrong. I couldn't find if it waa vulnerable or not).
I will check it out. Thanks!
this measure of security would have been completely void...
Why not hash it server side too? I'm asking because I'm curious
Oh okay makes sense thanks!
Why would the hash be reversible? SHA256 is public and it's not reversible
Now that would be interesting :p
I think being hostile might cause anti-trust issues. I am not knowledgable enough about it though. The only MS game I play (AOE2DE) requires an additional script to be run before running the game so I can play multiplayer and don't get kicked out.
Why not hash it client side? Edit: Isn't SSL vulnerable to MITM attacks? (I am a noob in this field)
Yes but waiting to be told to shut down servers isn't :p
That's true as well. Modern "normie" computer use is 90% browser work
Oh nice. TIL Geogebra is FOSS. We use it as well. When I was in school we had Windows XP but idk what kids these days have.
Colleges have Ubuntu Yeah my college had Ubuntu as well but that was for cs
Okay. I am pretty new to this stuff so I'll go and check out SSL/TLS. Thanks :)