[Twisted-Python] Re: How to make a secure connection between two computers

Jean-Paul Calderone exarkun at divmod.com
Tue Feb 12 18:14:36 EST 2008

On Wed, 13 Feb 2008 01:04:28 +0200, Noam Raphael <noamraph at gmail.com> wrote:
> [snip]
>Well, in TLS, after handshaking, both sides have a shared secret they
>use for communication. I just skip the handshaking. (I do have a
>challenge-response in the protocol, so I don't think replaying will
>work.) But I did forget about hashing the data, so here's a better

When you invented a new crypto protocol, the default is that you have
lost.  Sorry, that's just how it goes.  I already see one weakness in
your code, as compared to SSL.  I'm sure there are more.  Google Gutmann
sound wave therapy if you need further convincing.

Even if you don't use Twisted, use SSL.


More information about the Twisted-Python mailing list