Pavel Simerda wrote: > PubSub will be on virtually every server in the future and it's > suitable for saving both private and public data. > > The only issue is: do you trust the server list? Maybe you can also > store your own signatures for the certificates? I don't understand the > precise purpose of this outline but I believe it should also include > a listing of security features it is intended to provide.
I trust the server to hold the certificates for clients that can log in at the server. If the server is bad it does not care anyway. But I do not trust the server for c2c certificates, they have to be signed by a key I trust. But we can use the same list for both cases. Keep the list of client certificates signed on a pubsub node. The server (which may not be able to verify the signature but that doesn't matter) allows all clients with such a certificate to log in. For c2c all clients use that list including the signature for authentication. Dirk -- If you explain so clearly that nobody can misunderstand, somebody will.
