Sigh
Its been a while since I've made one of these.
So basically, I'm remaking the internet in Snap!.
The client makes a request to the server, and the server responds to the client with the requested content. I'm doing this using MQTT.
The problem is, I don't know how to make sure the content the client is receiving is actually from the server requested (a malicious server spoofing responces). I want to solver this problem by doing something like an SSL certificate in Snap!, but I have no idea how I would do that. Any Ideas?
To begin, you can configure the MQTT broker (server) UNDER YOUR CONTROL to require user and password authentication.
For a free public broker you may use payload signing/encrypting as described
Full-blown PKI/RSA cryptography may be a slight overkill for the intended purpose, but some secret (a key) shared between any two parties can be easily used.
I'm not aware of any ready-made component to do encryption. but even simple XOR may be suitable.
There are some extra info.