<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Feb 5, 2014 at 9:02 PM, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On February 5, 2014 at 5:47:24 PM, Matthias Wessendorf (<a href="mailto:matzew@apache.org">matzew@apache.org</a>) wrote:<br>
> > yeah, but that is really per variant, not global. So we would<br>
> need a lot of these secret file :-)<br>
<br>
</div>You’ve probably misunderstood what I said, but that would be silly and impractical, I didn’t say that, right? If you don’t want to require an input every time, make use of SINGLE key to encrypt the passphrases that’s what was suggested.<br>
<div class="im"><br>
><br>
><br>
><br>
> Perhaps I am wrong, but I feel that if (for iOS variants) we start<br>
> to require "password_to_my_superpassphrase" on the request<br>
> for creating the logical construct of the variant,<br>
> and use the same for the Sender, we would have that magical password, <br>
<br>
</div>That’s what I’ve already mentioned, the password MUST be provided. And there are a gazillion of solutions to the same problem outside there.<br>
<div class="im"><br>
> but I fear that this opens a new can of worms.<br>
<br>
</div>Why?<br></blockquote><div><br></div><div>isn't is a problem if some backend app has to store this password as well? In order to have their batch system (or what ever) being able to trigger push message delivery ? </div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im"><br>
><br>
><br>
> The AGPUSH-358 ticket is still yours :-) I just felt looking at<br>
> it, while reading up on our crypto bits.<br>
<br>
</div>I don’t bother whoever will solve this ticket. If you want to jump in, feel free to reassign to you, if don’t I can look at this on the next week.<br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>