Hi,

we are currently planning on using coda at our university. For reasons of
simpicicity we want to share the password databse with the unix password.

I know - the RPC2 protocol ist definitely not secure enough to do so. This
is why we are currently working on some ideas:

- Authentication (Are you really my server?) via RSA, probably using the
ssh-keys.
- Encryption via blowfish instead of XOR.

The whole thing will be available on european servers, no worrying about
patents or export regulations ;)

Are you interested in this solutions? Has anyone worked on anything like
this yet? And last, but not least: Would these thing be sufficient for
security?


please cc: me on any followups, since i am not on the list

mfG

Max Berger
e-mail: max.berger_at_xslt.de

-- 
XSLT:  http://www.xslt.de/          PGP/GnuPG ID: E81592BC
Sysop: http://www7.in.tum.de/       http://phobos.fs.tum.de/pgp/max.berger.asc
FSMPI: http://www.fs.tum.de/FSMPI/  F489F8759D4132923EC4 BC7E072AB73AE81592BC