unity-src
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Unity-SRC] Server to server authentication


From: Jan Krueger
Subject: Re: [Unity-SRC] Server to server authentication
Date: Sat, 23 Aug 2003 13:14:58 +0200

Hi,

> What if we go with the SSL option but old style networks (can't remember
> what they are going to be called in SRC) could apply for a network
> Certificate from the SRC Root CA then they can generate Certificates for
> their servers, that way we would take the load off of us generating
> Certificates for everyone?
That would really eliminate the huge advantage SRC has over IRC--the
possibility of global communication.

Supposedly, this would lead again to small networks with some servers each,
but since all of those only have a certificate of their "network",
communication with other servers becomes impossible because their certificate
isn't trusted.

Anyway, to stay with the SSL idea, we could appoint several certificate
authorities and include all of their certificates in software releases, but
that's still not too good. We'd need some major infrastructure in the
background to provide access to all trusted certificates to server
administrators. Additionally, this would make it really easy to construct
proprietary SRC networks for commercial purposes (which can't really be
avoided anyway, but do we want to make it that easy for those people?).

As you can see, many things need to be considered. Perhaps if we do not use
SSL but rather something similar like OpenPGP signatures, we could abuse their
facilities for the distribution of keys and even the "web of trust" mechanism
(servers completely trust our certification key and less complete trust is
automatically applied to all keys directly signed by ours, or something like
that).
If we decided to use a web of trust like mechanism, more theoretical efforts
would have to go into this at some point. Also, should we agree to use PGP
over SSL, we could stop thinking about supporting SSL at all.

There's still the alternative: don't bother about certificates or signatures
and just go by reverse DNS hostnames (which should provide a mildly secure
authentication too), or support both so getting a server into the network
isn't too hard.

> If this sounds really stupid to anyone then just slap me! :)
If you don't stop apologising for suggesting things, I will. :P

Jan

Attachment: pgpXrUJWo8ImX.pgp
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]