[vlc-devel] Re: authentication (login/password) on multicast

Assaf Cohen assafc at eng.tau.ac.il
Tue Jul 26 10:40:26 CEST 2005 

Hi tanveer,
You might try authenticating users with a RADIUS server using 802.1X at the 
network access level,
this solution might work if you control the entire network down to the last 
switch.
This won't require any changes to VLC or any other software at the 
application level.
Authentication is done by a software called supplicant that runs on the 
user's machine, and might already be built into the OS (in Windows XP case) 
or provided based on open source (see www.open1x.org)
After authentication the user might either gain full access to the network, 
or put on a specific VLAN, or even get a specific access list attached to 
the authenticated port at the switch - the idea is to use this to control 
either the flow of multicast traffic to the client or the handling of IGMP 
join requests from the client.

currently trying to implement this solution myself,
haven't seen it working yet.

Assaf

----- Original Message ----- 
From: "tanveer" <tanveer_ash at yahoo.com>
To: <vlc-devel at videolan.org>
Sent: Tuesday, July 26, 2005 5:28 AM
Subject: [vlc-devel] Re: authentication (login/password) on multicast


Dear Remi,

Thank you for the reply.  And if were here, you could
see my big smile while reading your mail.  THIS is
exactly what I, along with my other partner, had
discussed last night.  :)  Unicast Authentication,
Encrypt - Decrypt, chances of simultaneous use etc.
I feel really great of myself that I've started
thinking like you fine ppl do.  :)

I'll definitely let you know if we can come up with
something.  Actually, I was looking for if VLC-stream,

a.k.a. VLS, has already done this kind things.
Basically we are planning for a CAS at VLS-end and
one Authenticator + some other things upon
VLC-player.

And you are quite right.  You have got my view
perfectly.  Any comments from Remi or anyone else
will be a big help for us.  If any other developer
working on this issue, I like to discuss things.

Thank you.  This list is really helpful.

-- 
tanveer

--- Rémi Denis-Courmont <courmisch at via.ecp.fr> wrote:

> Hello,
>
> Le Lundi 25 Juillet 2005 12:24, tanveer a écrit :
> > I'll have a user database, and VLC
> > player will ask, something like RADIUS, for
> > authentication.  Again, we like to stream the
> video
> > on a Multicast IP to reduce the load.  I mean, we
> > are planning to stream TV channels.  And at
> > momenets, we like to stream the recorded login
> > ID/IP from the server end so that it can be viewed
> > at User end.
>
> I can hardly imagine how you could have RADIUS and
> Multicast interact.
> Or then, you'd have to use RADIUS directly on your
> multicast routers
> (in which VLC won't be involved in access control).
>
> AFAIK, the only way to authenticate access to
> multicast streams is to
> encrypt the stream and provide the decryption key to
> authorized users
> via unicast. Of course, then, you must be prepared
> to the possibility
> that one authorized user "leak" the key to
> non-authorized users.
>
> But maybe I didn't understand what you mean.
>
> -- 
> Rémi Denis-Courmont
> http://www.simphalempin.com/home/
>


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

-- 
This is the vlc-devel mailing-list, see http://www.videolan.org/vlc/
To unsubscribe, please read http://developers.videolan.org/lists.html



-- 
This is the vlc-devel mailing-list, see http://www.videolan.org/vlc/
To unsubscribe, please read http://developers.videolan.org/lists.html

More information about the vlc-devel mailing list