quote:Originally posted by sock
BTW, exactly what stops any third-party IM client for saying "hi, I'm MSN Messenger 6.0" when signing into the .NET Messenger Service?
quote:Originally posted by Chris Boulton
They have an authentication scheme or something similar..Using an md5 hash.
What Chris said is what happens now. The authentication protocol uses md5 to check the password. What Microsoft wants to do (if I understood well) is change the protocol and use a new one. That new protocol wouldn't be public so 3rd party clients wouldn't be able to sign in. That way the can't say "hi, I'm MSN Messenger 6.0" (because they don't know how to say it )
Bah, i know that they use it for the passwords.. But what i read somewhere is that they are thinking of adding a new thing to the protocol where each client (eg Trillian, MSN Messenger) has a specified hash which is checked on the server..
But anyway, if they do it like you mentioned, the same thing will just happen.. because you can always use a proxy to monitor the events throgh msn.. they will need to encrypt it or something
(because they don't know how to say it 
)
