[sldev] Cryptographic signing of UDP packets
Argent Stonecutter
secret.argent at gmail.com
Thu Dec 18 01:32:44 PST 2008
The proposed solutions are these:
1. add a signature to each packet.
2. encrypt each packet
3. transfer money-related packets over SSL
4. wrap the entire session in an IPSEC layer
Of these, I think option 3 is most secure, most standards-compliant,
and lowest overhead. It would also be likely to increase the
reliability of money transactions at the cost of some increased
latency. Since money transactions are not real-time events, and even
many seconds of additional latency is acceptable, there's no reason
not to use it.
More information about the SLDev
mailing list