|
| From: | Rupert Kittinger-Sereinig |
| Subject: | Re: [Help-gnutls] Re: OpenPGP certificate verification for TLS connections |
| Date: | Mon, 16 Apr 2007 22:28:08 +0200 |
| User-agent: | Thunderbird 1.5.0.5 (X11/20060719) |
Ludovic Courtès schrieb: ...
One example: a secure messaging service could have millions of users. A gnupg keyring of this size may be a bit problematic, but a database should handle this easily. To validate a client connection in this scenario, we would need to: - check for a trusted signature (including expiry and revocation), we can keep this as simple as checking for one trusted key if we want.What do you mean by "trusted signature"? Something like an "authorization certificate" signed by a "trusted authority" (see my previous post)?
I mean trusted in the sense of the pgp trustdb. Ideally, every user should be able to configure how he wants to construct his web of trust.
E.g. for a server application, the admin could choose a handfull of "user managers" whose keys he would put in the keyring and assign ultimte trust to each one.
Another example: a user of web services could validate the server key fingerprint, and locally sign them with his own key.
- now that we know the ID is authentic, we can look it up in the database and decide what the client is allowed to do.
One more point: even if the user id is relevant and not the key, key revocation must still ber handled on a key basis. But this is only necessary for key compromise, which should be a rare event. If a user should be denied access, this can be handled via his id.
As for he content of ids, I agree with Daniel: using URIs seems the logical choice to me, at least for servers.Why? How does this derive from the authorization scheme you just sketched?
I did not want to imply that this follows from the first part, I just wanted to say I think it is the right thing to do :-)
To be more precise, I would suggest using URIs a defined in RFC 2396, section 3, without the additional restriction that the path and query components must be empty.
Since this is also a straightforward method to define how to access the server, it should be easy for the client to check.
cheers, Rupert -- Rupert Kittinger-Sereinig <address@hidden> Krenngasse 32 A-8010 Graz Austria
| [Prev in Thread] | Current Thread | [Next in Thread] |