On Sat, 21 Dec 2002, "Harald Massa" <HaraldMassa@ghum.de> wrote:

One idea I liked to discuss is: why not crypt the transmitted data via public / private keys?=20 So sending bad objects from somewhere would be a very hard process.

Well, you have a server trusting the client. This is usually a no-no. *Any* data you receive, no matter how well signed, should usually not be trusted to not crash your application, unless that is the kind of application you design (that is, a remote-control application).

On Sat, 21 Dec 2002, "Harald Massa" <HaraldMassa@ghum.de> wrote:

One idea I liked to discuss is: why not crypt the transmitted data via public / private keys?=20 So sending bad objects from somewhere would be a very hard process.

Well, you have a server trusting the client. This is usually a no-no. *Any* data you receive, no matter how well signed, should usually not be trusted to not crash your application, unless that is the kind of application you design (that is, a remote-control application).