[Security] TLS Certificate handling guidelines

Johansson Olle E oej at edvina.net
Wed Aug 20 07:15:43 CDT 2008


20 aug 2008 kl. 12.46 skrev Dirk Meyer:

> Yes. IMHO we should start with the question the thread started with.
> We have a connection (doesn't matter how we got it) and we want to
> open a verified TLS layer. CA signed certificate, self-signed
> certificates, web of trust, TLS-SRP. These seems to be the keywords to
> solve the problem. After we do that we may need users to remember
> passwords and save keys. How we can do that in a userfriendly way is
> step 2. But it does not hurt to keep step 2 in mind from time to
> time to not end up with users comparing key fingerprints.

And a fork to discuss guidelines for implementors :-)

Feel free to create other forks - but please change the subject!

/O


More information about the Security mailing list