Bug in the RFB spec.
Constantin Kaplinsky
const "at" tightvnc.com
Tue May 15 02:14:01 2007
Hello Peter,
>>>>> Peter Rosin wrote:
> While implementing some vnc software I noticed a problem in the RFB
> spec (version 3.8, 5 October 2006). It fails to mention that there is
> no security result for authentication method 'None' for protocol
> version 3.3. As this differs from at least version 3.8 I think there
> should be some words on this topic in the spec.
This is documented, see the page 13 of the specification:
6.2 SECURITY TYPES
6.2.1 None
No authentication is needed and protocol data is to be sent
unencrypted.
Version 3.8 onwards The protocol continues with the SecurityResult
message.
Version 3.3 and 3.7 The protocol passes to the initialisation phase
(section 6.3).
--
With Best Wishes,
Constantin