Editing
TheFramework
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Message Flow== * CL=client * GS=Gateway Server * AS=Auth Server * >>> CLIENT > GATEWAY Request Login: Username XXX, Password XXX, Magic=<RANDOM_BITS> SRC=CC_IP (should client send SRC IP?, it could waste space, but then again they ). * CLIENT must add the Magic to some local list of magic's to ensure someone else doesn't send a fake response. * GATEWAY Must ensure SRC is correct (or set it, of course UDP ip sources themselves can be spoofed. Does this need a handshake? Should AUTH or ). * GATEWAY must forward the request to AS. * >>> GATEWAY > AS Request Login: Username XXX, Password XXX, SRC=CC_IP. * AS checks database or something... * >>> AS > CLIENT Login OK, Magic Token (or signed thing). SRC=CC_IP * Ensure AUTH can't be DOSed by spoofed IPs. * Could require a PROOF_OF_IP_CONTROL handshake before doing the username auth stage. Should this be done by the AUTH or from the GATEWAY? * How do you prevent the PROOF_OF_IP_CONTROL itself from being a DOS attack?
Summary:
Please note that all contributions to Hegemon Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Hegemon Wiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
Edit source
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
What links here
Related changes
Special pages
Page information