Hi, lately I had a number of complaints that H.235 password authentication with GnuGk didn't work quite as well as expected. While MD5 based authentication works OK, MD5 can't really be considered secure today and a number of endpoints don't support it. SHA1 based authentication as GnuGk currently does it is not compatible with many devices and I believe thats at least partly GnuGk's fault. What GnuGk is currently lacking completely is support for SHA256 based authentication, like eg. Polycom HDX devices support. Crypto stuff is always tricky to get right and its not practical for a single user to fund the implementation for all the work necessary to get password authentication right, just be cause one of his devices won't work with GnuGk. How about we pool together all users who would like to see better password authentication ? Please contact me, if you would like to see better authentication and if you have preferences which methods or devices should be supported. Regards, Jan -- Jan Willamowius, Founder of the GNU Gatekeeper Project EMail : jan@xxxxxxxxxxxxxx Website: http://www.gnugk.org Support: http://www.willamowius.com/gnugk-support.html Relaxed Communications GmbH Frahmredder 91 22393 Hamburg Geschäftsführer: Jan Willamowius HRB 125261 (Amtsgericht Hamburg) USt-IdNr: DE286003584 ------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
