[Twisted-Python] Clarification for IReactorSSL.ListenSSL(...)
waldbie at attglobal.net
Sat Apr 10 22:13:43 EDT 2004
We are trying to allow users to authenticate with the username and password.
There is really no reason other than the purpose of authentication that the
application needs to involve the trusted network at all.
I would be interested in learning how the mutual authentication you are
describing works. TLS Lite may be just what I am looking for. If this topic
is no longer really Twisted-related, I have no objections to moving the
> Are you trying to pass the username/password to the server, or
> *authenticate* with the username/password?
> If the latter, there are protocols like SRP which let you do mutual
> authentication with a password without sending it over the network -
> basically, each side proves to the other that it knows the password,
> without exposing the password in any way.
> So you get strong mutual authentication, but you don't have to mess with
> certs. TLS Lite provides this, if you're interested.
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
More information about the Twisted-Python