Hi Frank,

----- Original Message -----
> Nathan Scott <nathans@xxxxxxxxxx> writes:
>
> > [...]
> > http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html
>
> Looks good. A few suggestions:

Thanks!

> - mention the possibility of self-signed certificates, possibly
> working out an example

You mean above and beyond the self-signed cert used in the example,
I'm sure. Is that really a valid way to set up a realistic server?
I've been put off self-signing by
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
a bit I guess, but possibly I'm getting paranoid? :)

> - add code to the code (client-side changes only?) to enable clients
> to download the server certificate during a first connection, and
> store it in $HOME/.pcp/ssl, to eliminate the manual steps in the
> "Monitor Setup" section.

Thanks! (and Dave) will look into that shortly.

> - consider defaulting to PCP_SECURE_SOCKETS=1

The semantics of that env var are that if a secure connection cannot
be established, the connection fails. That seemed like the right way
to approach it (people who might want to be using this would want to
be sure it doesn't silently fall back to not-secure, in order to not
regress existing installations on upgrade).

Given that, and the requirements for backwards compatibility when we're
operating in environments with down-rev remote hosts, I'm not sure we
can switch this mode to default ... thoughts? Perhaps down the track,
when we are confident the vast majority of installations have these
capabilities (and we have gained more production-system-type confidence
in the new code!).

cheers.

--
Nathan