FW: AGTk Security

Ivan R. Judson judson at mcs.anl.gov
Sun Aug 15 12:01:57 CDT 2004

This is something we should consider critical to address before 2.3 is


-----Original Message-----
From: Todd Zimmerman [mailto:toddz at sfu.ca] 
Sent: Monday, August 09, 2004 12:50 PM
To: Ivan R. Judson
Cc: Thomas D. Uram; Brian Corrie
Subject: AGTk Security

Hi Ivan,

I'm attempting to set up a secure venue for our VenueServer, and thought I'd
do some packet captures to confirm the security.  To my surprise, I saw the
encryption key in the captures (nicely XML labeled as such to

<encryptionKey xsi:type="xsd:string" id="i23" 

I've attached the captured packet as a text file.  These were captured using
Ethereal, so they are 'straight off the wire'.  I can send the entire
capture if you like....

Shouldn't the encryption key be encrypted - or is there something I am
missing here?

Thanks for your help...


Collaboration & Visualization Technician WestGrid - www.westgrid.ca IRMACS -
www.irmacs.com Ph. 604.268.6979 Todd Zimmerman - toddz at sfu.ca

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: encryption-cap.txt
URL: <http://lists.mcs.anl.gov/pipermail/ag-dev/attachments/20040815/24e08a89/attachment.txt>

More information about the ag-dev mailing list