per-entity - Re: [Per-Entity] implementing a cache on the client
Subject: Per-Entity Metadata Working Group
List archive
- From: "Cantor, Scott" <>
- To: Nick Roy <>, Thomas Scavo <>, "David Walker" <>
- Cc: "" <>
- Subject: Re: [Per-Entity] implementing a cache on the client
- Date: Thu, 28 Jul 2016 22:45:56 +0000
- Accept-language: en-US
- Authentication-results: spf=pass (sender IP is 164.107.81.222) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=bestguesspass action=none header.from=osu.edu;
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
On 7/28/16, 5:46 PM,
"
on behalf of Nick Roy"
<
on behalf of
>
wrote:
> Securing the MDQ server with the key you're using to sign metadata seems
> like the worst > possible approach because you're putting that signing key
> at risk by having it on a live, > Internet-facing server.
Probably getting into the weeds here, but sure, you'd probably chain the TLS
key off of the real key and assume that your TLS-client software can leverage
that path to verify the server, or something like that. Or it could be a
totally disjoint key.
-- Scott
- RE: [Per-Entity] implementing a cache on the client, (continued)
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Mitchell, 07/28/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Jorj Bauer, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 07/28/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 07/27/2016
- Re: [Per-Entity] implementing a cache on the client, Walter Forbes Hoehn (wassa), 07/27/2016
Archive powered by MHonArc 2.6.19.