On 31/1/09 15:57, Denis McCarthy wrote:
Hi Kyle,
You seem to understand my situation. Unfortunately, I think using a
hardware based TPM is out, given the heterogeneous nature of our
customer's network (and the costs involved). I'd really like to have
a machine based, password protected X509 certificate solution, as this
would be relatively easy to install as well (e.g. one of the customers
largest agents has stores across the UK, and getting to each one to
install hardware based tokens would be very costly -not to mention the
cost of the tokens themselves. If they could install a passphrase
protected certificate on the machine, they could log in remotely in to
do it). Security wise, we're happy enough to retain a
username/password scheme to identify what actual user is at the
machine. Restricting users to certain machines will cut the main
avenue for fraud in the business that currently exists (as mentioned
before this is phishing for usernames and passwords through social
engineering).
Nothing I've heard thus far has made me think that this is an
inherently bad idea, I suppose what I need is help in accomplishing it
(and preferably accomplish it in Mozilla - our application is quite
AJAXy and the Javascript speedup in Firefox 3.1 is a godsend)
Reading between the lines, your app allows transactions from anywhere,
so does not include the normal external controls (VPN). Which sort of
implies that the machines are accessible from outside, which means that
once you lock down the machines according to client certs, they become
the hot property. Then, the threat moves to viral / MITB vectors.
Given that (again, between the lines) your sales assistants are dealing
with hot consumer items, you might want to think seriously about the VPN
at some point. Or giving them thin clients without any interfaces.
iang
--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
