Can someone explain how the RSA (blessed clients) works? What prevents a man-in-the-middle attack? I was talking on #crossfire and was asked how blessed clients work and how the netrek community prevents people analyzing the client/server communication and taking the client source (cow for instance) and spoofing the authentication. I believe the public key is embedded in the binary and the private key is on the metaserver, right? What prevents a user from picking out the embedded key and using it (writing some code) to make a borg client that masquarades as a blessed binary? -- Bob Tanner <tanner at real-time.com> | Phone : (952)943-8700 http://www.mn-linux.org, Minnesota, Linux | Fax : (952)943-8500 http://www.tcwug.org, Minnesota, Wireless | Coding isn't a crime. Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9