Re: Secure connections writeup

pcp

Re: Secure connections writeup - please review

To:	Nathan Scott <nathans@xxxxxxxxxx>
Subject:	Re: Secure connections writeup - please review
From:	"Frank Ch. Eigler" <fche@xxxxxxxxxx>
Date:	Mon, 4 Feb 2013 09:34:38 -0500
Cc:	PCP <pcp@xxxxxxxxxxx>
Delivered-to:	pcp@xxxxxxxxxxx
In-reply-to:	<1649221790.16129979.1359956800185.JavaMail.root@xxxxxxxxxx>
References:	<y0m7gmsawtz.fsf@xxxxxxxx> <1649221790.16129979.1359956800185.JavaMail.root@xxxxxxxxxx>
User-agent:	Mutt/1.4.2.2i

Hi -

nathans wrote:
> > - mention the possibility of self-signed certificates, possibly
> >   working out an example
> 
> You mean above and beyond the self-signed cert used in the example,
> I'm sure.  

I only see "obtain and install a certificate ..." in the writeup, not
anything about *how*.

> Is that really a valid way to set up a realistic server? [...]

It's obviously not applicable everywhere, but in other places, it's
better than no encryption at all.

> [...]
> > - consider defaulting to PCP_SECURE_SOCKETS=1
> 
> The semantics of that env var are that if a secure connection cannot
> be established, the connection fails.  [...]

That could be changed, or a different value could be invented with a
"prefer but not require ssl" meaning.  The idea would be to get a
as-secure-as-possible-by-default kind of situation.

- FChE

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Secure connections writeup - please review, Nathan Scott Re: Secure connections writeup - please review, Frank Ch. Eigler Re: [pcp] Secure connections writeup - please review, Dave Brolley Re: Secure connections writeup - please review, Nathan Scott Re: [pcp] Secure connections writeup - please review, Ken McDonell Re: Secure connections writeup - please review, Frank Ch. Eigler <= Re: Secure connections writeup - please review, Nathan Scott Re: Secure connections writeup - please review, Nathan Scott QA status (was Re: Secure connections writeup - please review), Nathan Scott Re: QA status (was Re: Secure connections writeup - please review), Dave Brolley Re: [pcp] QA status (was Re: Secure connections writeup - please review), Nathan Scott Re: [pcp] QA status (was Re: Secure connections writeup - please review), Dave Brolley Port registration (was Re: [pcp] QA status), Nathan Scott Re: Port registration (was Re: [pcp] QA status), Frank Ch. Eigler Re: Port registration (was Re: [pcp] QA status), Nathan Scott Re: Port registration (was Re: [pcp] QA status), Dave Brolley

Previous by Date:	Re: [pcp] Secure connections writeup - please review, Ken McDonell
Next by Date:	Re: Secure connections writeup - please review, Nathan Scott
Previous by Thread:	Re: [pcp] Secure connections writeup - please review, Ken McDonell
Next by Thread:	Re: Secure connections writeup - please review, Nathan Scott
Indexes:	[Date] [Thread] [Top] [All Lists]