[Security] Hosted solutions - client/user certs

Johansson Olle E oej at edvina.net
Sun Aug 24 13:33:08 CDT 2008


On 24 Aug 2008, at 20:09, Dirk Meyer wrote:

> Pavel Simerda wrote:
>> PubSub will be on virtually every server in the future and it's
>> suitable for saving both private and public data.
>>
>> The only issue is: do you trust the server list? Maybe you can also
>> store your own signatures for the certificates? I don't understand the
>> precise purpose of this outline but I believe it should also include
>> a listing of security features it is intended to provide.
>
> I trust the server to hold the certificates for clients that can log
> in at the server. If the server is bad it does not care anyway. But I
> do not trust the server for c2c certificates, they have to be signed
> by a key I trust. But we can use the same list for both cases. Keep
> the list of client certificates signed on a pubsub node. The server
> (which may not be able to verify the signature but that doesn't
> matter) allows all clients with such a certificate to log in. For c2c
> all clients use that list including the signature for authentication.
>

Certificates have no sensitive information - a signed document
with some data and a public key. The fact that I have a few
self-signed certificates for clients might be sensitive, so the
server needs some sort of ACL for these lists. But no one can
gain access just by getting the certificates.

I would not trust the server to hold my credentials - neither
my private key nor my password.

Dirk - after thinking about it for a while, I believe that the
user/cert concept is outside of the scope of the c2c communications
solution, even though they're an important concept in those cases.
The secure c2c document will have to refer to this doc, but I think
that user/client delegation requires its own document.

/O
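
The signed certificate list discussed in this thread, sketched as an added example that is not code from either poster or from any XMPP specification. It assumes the list is a JSON array of SHA-256 certificate fingerprints signed with an RSA owner key; all function names are hypothetical and the pubsub transport is left out.

```ruby
require 'openssl'
require 'json'

# Constructed sample: a self-signed client certificate standing in for a device cert.
def self_signed_cert(cn)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.public_key = key.public_key
  cert.not_before, cert.not_after = Time.now - 60, Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

def fingerprint(cert)
  OpenSSL::Digest::SHA256.hexdigest(cert.to_der)
end

# Owner side: build the list and sign it with the key the owner's clients trust.
def publish_list(owner_key, certs)
  payload = JSON.generate(certs.map { |c| fingerprint(c) }.sort)
  { 'payload' => payload,
    'signature' => owner_key.sign(OpenSSL::Digest.new('SHA256'), payload) }
end

# Server side: it may not be able to check the signature, so it only matches fingerprints.
def server_allows_login?(item, cert)
  JSON.parse(item['payload']).include?(fingerprint(cert))
end

# c2c side: verify the signature with the trusted owner key first, then match.
def c2c_trusts_peer?(item, owner_pub, cert)
  return false unless owner_pub.verify(OpenSSL::Digest.new('SHA256'), item['signature'], item['payload'])
  JSON.parse(item['payload']).include?(fingerprint(cert))
end

def demo
  owner = OpenSSL::PKey::RSA.new(2048)
  laptop, rogue = self_signed_cert('laptop'), self_signed_cert('rogue')
  item = publish_list(owner, [laptop])
  # A server that rewrites the stored list cannot produce a matching signature.
  forged = item.merge('payload' => JSON.generate([fingerprint(rogue)]))
  { login: server_allows_login?(item, laptop),
    c2c_ok: c2c_trusts_peer?(item, owner.public_key, laptop),
    forged_login: server_allows_login?(forged, rogue),
    forged_c2c: c2c_trusts_peer?(forged, owner.public_key, rogue) }
end
```

The rewritten list still lets the extra certificate log in at that server, but a peer that checks the owner's signature rejects it for c2c.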

