[Sugar-devel] [PATCH] webactivity: seed the XS cookie at startup
Hal Murray
hmurray at megapathdsl.net
Thu Feb 12 14:22:07 EST 2009
> note that if the XS is acting as a proxy the cache issue can be
> addressed. The XS can get a copy of the XO client cert at
> registration time, and with it can decrypt the HTTPS traffic and
> cache the unencrypted version. this is a lot of cpu, but it's on the
> XS not the XO, so it shouldn't be as bad (and there are hardware SSL
> encryption cards available that can be put in an XS for high-volume
> situations)
I'm not a security wizard, but I get uncomfortable when anybody suggests
giving out copies of keys, certs, or passwords.
Is this an acceptable case? Why? How would you explain the subtlies to a
kid? How many adults give their passwords to phishers?
--
These are my opinions, not necessarily my employer's. I hate spam.
More information about the Sugar-devel
mailing list