Re: verifying peer identity during handshake

2008-05-23 Thread Rainer Gerhards
> I forgot to mention: guessing is good, verifying is better. I'll bring
> up this question on the syslog WG mailing list.

I got the answer right from the source: http://www.ietf.org/mail-archive/web/syslog/current/msg01915.html

Rainer

Re: verifying peer identity during handshake

2008-05-22 Thread Rainer Gerhards
On May 23, 8:34 am, Rainer Gerhards <[EMAIL PROTECTED]> wrote:
> On May 20, 10:38 pm, Badra <[EMAIL PROTECTED]> wrote:
> [snip]
>
> > Fingerprint-based is not secure within TLS, not specified anywhere, and it
> > is a hack.
>
> Well, it actually is (somewhat), right there in the PSK RFC, section
>

Re: verifying peer identity during handshake

2008-05-22 Thread Rainer Gerhards
On May 20, 10:38 pm, Badra <[EMAIL PROTECTED]> wrote:
[snip]
> Fingerprint-based is not secure within TLS, not specified anywhere, and it
> is a hack.

Well, it actually is (somewhat), right there in the PSK RFC, section 1.1:

  If the main goal is to avoid Public-Key Infrastructures (PKIs),

Re: verifying peer identity during handshake

2008-05-22 Thread Rainer Gerhards
Hi Nelson,

many thanks for your very useful reply. Comments inline...

On May 22, 12:41 am, Nelson B Bolyard <[EMAIL PROTECTED]> wrote:
> Rainer Gerhards wrote,
>
> >>> [snip] I would like to authenticate
> >>> remote peers via custom authentication laid out in the standard. This
> >>> is fingerp

Re: verifying peer identity during handshake

2008-05-22 Thread Rainer Gerhards
On May 23, 12:39 am, Julien R Pierre - Sun Microsystems <[EMAIL PROTECTED]> wrote:
> Nelson,
>
> Nelson B Bolyard wrote:
>
> >>> Right now there is no such callback available in NSS' libssl to do what
> >>> you want.
> >
> > Maybe I misunderstand the request, but I believe that libSSL offers exactly

Re: verifying peer identity during handshake

2008-05-22 Thread Julien R Pierre - Sun Microsystems
Nelson,

Nelson B Bolyard wrote:
>
>>> Right now there is no such callback available in NSS' libssl to do what
>>> you want.
>
> Maybe I misunderstand the request, but I believe that libSSL offers exactly
> what Rainer has requested.

The way I read it, he wanted to do some "custom authentication

Re: verifying peer identity during handshake

2008-05-21 Thread Nelson B Bolyard
Rainer Gerhards wrote,
>>> [snip] I would like to authenticate
>>> remote peers via custom authentication laid out in the standard. This
>>> is fingerprint-based, very similar to SSH's leap of faith auth.

"Leap of faith auth". That's the perfect name of SSH's authentication. Did you coin that p

Re: verifying peer identity during handshake

2008-05-21 Thread Badra
On Tue, May 20, 2008 at 10:18 PM, Julien R Pierre - Sun Microsystems <[EMAIL PROTECTED]> wrote:
> Rainer,
>
> Rainer Gerhards wrote:
> > Hi group,
> >
> > my apologies for not reading through all the docs. I have a hopefully
> > quick question and would like some short feedback before I go down
>

Re: verifying peer identity during handshake

2008-05-21 Thread Rainer Gerhards
Hi Julien,

thanks for your reply, much appreciated. Comments inline below...

On May 20, 10:18 pm, Julien R Pierre - Sun Microsystems <[EMAIL PROTECTED]> wrote:
> Rainer,
> > my apologies for not reading through all the docs. I have a hopefully
> > quick question and would like some short feedback

Re: verifying peer identity during handshake

2008-05-20 Thread Julien R Pierre - Sun Microsystems
Rainer,

Rainer Gerhards wrote:
> Hi group,
>
> my apologies for not reading through all the docs. I have a hopefully
> quick question and would like some short feedback before I go down
> into all the specifics. I am working on the implementation of an
> upcoming TLS protected syslog standard. I