Linux Today: Linux News On Internet Time.

More on LinuxToday

developerWorks: Network Programming with the Twisted framework, Part 4

Sep 17, 2003, 06:00 (0 Talkback[s])
(Other stories by David Mertz)


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

"One thing the servers and clients in Parts 1, 2, and 3 had in common is that they operated completely in the clear, cryptographically speaking. Sometimes, however, you want to keep your connection free from prying eyes (or from tampering/spoofing).

"While protocols for determining permissions on server resources are interesting, for this installment I want to look at protocols involving actual wire-level encryption. But for general background, you might want to investigate Web-oriented mechanisms such as Basic Authentication, which is described in RFC-2617 and implemented in Apache and other Web servers. The Twisted package twisted.cred is a general but complex framework for providing authentication services in general-purpose Twisted servers (not limited to Web servers).

"There are two widespread APIs for wire-level encryption over the Internet: SSL and SSH. The former, SSL (Secure Sockets Layer) is widely implemented in Web browsers and Web servers; in principle, however, there is no reason SSL is specifically tied to the HTTP protocol. SSL combines a public-key infrastructure, complete with a 'web-of-trust' based on Certificate Authorities, with creation of a session key for standard symmetrical encryption during the life of a particular connection..."

Complete Story

Related Stories: