[jboss-dev-forums] [Design of JBoss Remoting, Unified Invokers] - Re: Remoting 3 Security

david.lloyd@jboss.com do-not-reply at jboss.com
Thu Jul 5 13:13:52 EDT 2007


"anil.saldhana at jboss.com" wrote : 1) SSL/TLS should be available on the transport as a choice and not default.

Yes, this is what I intended to say.

"anil.saldhana at jboss.com" wrote : 2) I am interested in encryption provided as an option when the SSL setup is not acceptable and/or user just needs to avoid man-in-the-middle attacks. An issue with encryption is symmetric key management. This is where SRP is interesting. One end does userid/pwd. The server does prime numbers. They interact and agree on a session key.
  | 3) SRP can be done as a JCA provider for GSS. As far as I know, SASL does challenge/response. So SRP should fit in pretty easily. There is code already written by Scott (probably in the varia module) that can be adapted.

OK, so an SASL marshaller would cover this.  My understanding is clearer.  Thanks for the feedback.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4060929#4060929
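
The SRP exchange described in the quoted point 2, as an added example that is not part of the original post and not JBoss code: both ends derive the same session key without the password crossing the wire. It follows SRP-6a-style equations; the function names are hypothetical and the group (N, g) is a constructed toy parameter set, not one suitable for deployment.

```python
import hashlib
import secrets

# Constructed toy group for illustration only: N is the Mersenne prime 2**127 - 1.
# Real deployments use a large safe-prime group (for example those in RFC 5054).
N = 2**127 - 1
g = 3

def H(*parts):
    """SHA-256 over length-prefixed parts (ints or bytes), returned as an int."""
    h = hashlib.sha256()
    for p in parts:
        if isinstance(p, int):
            p = p.to_bytes((p.bit_length() + 7) // 8 or 1, "big")
        h.update(len(p).to_bytes(2, "big") + p)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # multiplier binding B to the verifier

def private_key(user, password, salt):
    """x: derived from salt, user id and password; never leaves the client."""
    return H(salt, H(user.encode(), b":", password.encode()))

def register(user, password):
    """Done once: the server stores (salt, v), not the password."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_key(user, password, salt), N)

def run_exchange(user, password, salt, v):
    """Simulate both ends; returns (client_key, server_key)."""
    # Client -> server: user id and ephemeral public value A.
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)
    # Server -> client: salt and ephemeral public value B (masked with v).
    b = secrets.randbelow(N - 2) + 1
    B = (k * v + pow(g, b, N)) % N
    # Each side must reject a zero public value from its peer.
    if A % N == 0 or B % N == 0:
        raise ValueError("illegal public value")
    u = H(A, B)  # scrambling parameter, computable by both ends
    # Client: strips the verifier mask from B using its password-derived x.
    x = private_key(user, password, salt)
    s_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server: uses only the stored verifier and its own secret b.
    s_server = pow(A * pow(v, u, N) % N, b, N)
    return H(s_client), H(s_server)
```

With the correct password both returned keys are equal; with a wrong password they differ, which is what a subsequent key-confirmation message would detect.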