Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!uunet!auspex!guy
From: guy@auspex.UUCP (Guy Harris)
Newsgroups: comp.windows.x
Subject: Re: Security extensions to X
Message-ID: <2721@auspex.UUCP>
Date: 15 Dec 89 22:51:12 GMT
References: <8912072350.AA26289@kanga.lcs.mit.edu> <41053@lll-winken.LLNL.GOV>
Reply-To: guy@auspex.auspex.com (Guy Harris)
Organization: Auspex Systems, Santa Clara
Lines: 11

>One possibility is to persue a similar tact as that used by SUN for
>secure NFS.  Use DES (or better) encrypted TCP/IP, each pair of nodes for
>which secure communication must occur share a key for the link.
>TCP/IP packets evidently have source and destination address fields, and one
>simply encripts the data in the packet according to the agreed upon key
>between the two nodes.

(Just so nobody gets the wrong idea, Sun's secure RPC doesn't encrypt
data; it just encrypts credentials and verifiers to make it harder to
spoof the server into thinking you're somebody you're not.  The data
still goes over the wire in the clear.)