This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
This article has been rated as Mid-importance on the project's importance scale.
What about this "other Needham-Schroeder protocol"
Look at sec. 10.2 http://www.daimi.au.dk/~ivan/dSik/dSikw4.pdf, material for a course on security on Aarhus University, Denmark, written by Ivan Damgård. It describes another protocol suggested by Needham and Schroeder, which assumes that both users have a public key for the other, does not involve a server and is indeed insecure. And aparently the two concepts were both developed in 1978. How do these relate?
Good point. There are two different protocols suggested in the same paper. I've written them both up here - arguably the entry could be split in two, if you can be bothered with the resulting disambiguation page.