10-05-2005, 08:51 PM
|
|
Registered User
|
Join Date: Apr 2004
Posts: 13
|
|
|
Yeah, it's an 'old' topic at this point, but I was curious...
wouldn't a dual key style system, similar to to PGP/GPG be a more secure alternative?
I'm not necessarily referencing the data encryption here, so much as the concept of digital signature verification.
if pubkey on server is a match for privkey on computer, then allow access.
Seems more secure than mac addresses (Which are easily forged. and definitely not secure), and potentially even more secure than computer based id systems. As I don't know the precise specs on the computer based id system, I can only speculate there.
As far as bans go, im sure that comp based id would be fine. I imagine however, that the security conscious wouldn't have a problem with something potentially more secure.
no messy ip ranges to deal with at all, however. Pubkey could be given out freely without fear of potential emulation by another less than trustworthy staff member, or pretty much anyone else for that matter. Honestly, I'd rather type in two passwords, than have to worry about having 30 wildly variable ip ranges to deal with. |
|
|
|
Threaded Mode