Well, the more I try to understand Graal Reborn, the more convinced I become that it is insecure.
First, there is the problem of the password sent in plain text both to the listserver and gserver:
http://forums.opengraal.com/showthread.php?1421-Password-invalid&p=12771&viewfull=1#post12771
Now, even if our listserver (what about gserver?) has a secure login option, there is still the
bigger problem that the components receiving packets trust the connection to establish the
identity of the other side of the connection.
Now, I mostly know only one solution to this, and that’s Kerberos.
And even there, I mostly know the big picture, which I read 15 or 20 years ago.
But the way I learned about it is probably the funnier way: by reading the theatre piece
about its design.
There are plenty of too-serious, technical documents that I never read.
But those are surely more appropriate if you are the practical kind of guy.
But for people wishing to understand the big picture, let me share the theatre piece URL:
http://web.mit.edu/kerberos/dialogue.html
I guess I need to reread that myself too!