[aerogear-dev] Question around encryption for iOS push certificate passphrase
Matthias Wessendorf
matzew at apache.org
Wed Feb 5 15:06:04 EST 2014
On Wed, Feb 5, 2014 at 9:02 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
> On February 5, 2014 at 5:47:24 PM, Matthias Wessendorf (matzew at apache.org)
> wrote:
> > > yeah, but that is really per variant, not global. So we would
> > need a lot of these secret file :-)
>
> You've probably misunderstood what I said, but that would be silly and
> impractical, I didn't say that, right? If you don't want to require an
> input every time, make use of SINGLE key to encrypt the passphrases that's
> what was suggested.
>
> >
> >
> >
> > Perhaps I am wrong, but I feel that if (for iOS variants) we start
> > to require "password_to_my_superpassphrase" on the request
> > for creating the logical construct of the variant,
> > and use the same for the Sender, we would have that magical password,
>
> That's what I've already mentioned, the password MUST be provided. And
> there are a gazillion of solutions to the same problem outside there.
>
> > but I fear that this opens a new can of worms.
>
> Why?
>
isn't is a problem if some backend app has to store this password as well?
In order to have their batch system (or what ever) being able to trigger
push message delivery ?
>
> >
> >
> > The AGPUSH-358 ticket is still yours :-) I just felt looking at
> > it, while reading up on our crypto bits.
>
> I don't bother whoever will solve this ticket. If you want to jump in,
> feel free to reassign to you, if don't I can look at this on the next week.
>
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140205/d2896850/attachment.html
More information about the aerogear-dev
mailing list