Ahoy, answers inline
Sebastien Blanc wrote:
> Sorry, dumb question, but at application creation time (and when resetting
> the secret), in the response of the POST the master secret should be
> returned to the user, right? Otherwise he will never get it.
You are correct.
> And second question, I know security is not often a good mate with UX,
> but the console will never show the master/variant secret anymore?
Also correct. Nothing is set in stone, it is just a proposal, because
atm anyone with read access to the database could impersonate push
applications. Another alternative would be to have a single key for the
whole database and only derive the IV, but that would defeat the purpose.
In addition I discussed the possibility of making use of vaults from
Wildfly, but it's not ready yet
(http://lists.jboss.org/pipermail/security-dev/2014-April/001557.html).
It is only available for datasources. That's why I would like to hear about
the impact of this change and why the master secret/secret must be
persisted.
--
abstractj
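The pattern discussed in this thread (the master secret is returned once, in the create and reset responses, the console never shows it again, and a reader of the database cannot impersonate the push application) is sketched below as an added example. It is not AeroGear or WildFly code and assumes nothing about the project's actual entities: the `PushApplicationStore` class, its method names and the in-memory dict standing in for the database table are all illustrative. Instead of encrypting the secret, it stores only a salted PBKDF2 hash, so the plaintext exists only in the one HTTP response and in the sender's configuration.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass

# Illustrative PBKDF2 cost; tune for the deployment's sender request rate.
PBKDF2_ITERATIONS = 100_000
SALT_LEN = 16


@dataclass
class PushApplication:
    """One row of the hypothetical push_application table: no plaintext secret."""
    name: str
    push_application_id: str
    master_secret_salt: bytes
    master_secret_hash: bytes


def _hash_secret(secret: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt,
                               PBKDF2_ITERATIONS)


class PushApplicationStore:
    """In-memory stand-in (assumption) for the database the thread talks about."""

    def __init__(self) -> None:
        self._rows: dict[str, PushApplication] = {}

    def create(self, name: str) -> dict:
        """POST handler: the only place the plaintext master secret is generated
        and returned; the table keeps salt + hash."""
        app_id = secrets.token_hex(16)
        master_secret = secrets.token_urlsafe(32)
        salt = os.urandom(SALT_LEN)
        self._rows[app_id] = PushApplication(
            name, app_id, salt, _hash_secret(master_secret, salt))
        return {"pushApplicationID": app_id, "masterSecret": master_secret}

    def reset_secret(self, app_id: str) -> dict:
        """Secret reset: fresh salt and hash, new plaintext returned once."""
        row = self._rows[app_id]
        new_secret = secrets.token_urlsafe(32)
        row.master_secret_salt = os.urandom(SALT_LEN)
        row.master_secret_hash = _hash_secret(new_secret, row.master_secret_salt)
        return {"pushApplicationID": app_id, "masterSecret": new_secret}

    def authenticate(self, app_id: str, presented_secret: str) -> bool:
        """Sender authentication (e.g. HTTP Basic with appId:masterSecret)."""
        row = self._rows.get(app_id)
        if row is None:
            # Burn the same cost for an unknown ID so the timing does not reveal
            # whether the application exists.
            _hash_secret(presented_secret, b"\x00" * SALT_LEN)
            return False
        candidate = _hash_secret(presented_secret, row.master_secret_salt)
        return hmac.compare_digest(row.master_secret_hash, candidate)

    def dump_row(self, app_id: str) -> dict:
        """What someone with read access to the database sees."""
        row = self._rows[app_id]
        return {
            "name": row.name,
            "pushApplicationID": row.push_application_id,
            "masterSecretSalt": row.master_secret_salt.hex(),
            "masterSecretHash": row.master_secret_hash.hex(),
        }


if __name__ == "__main__":
    store = PushApplicationStore()
    created = store.create("demo-app")          # response carries the secret once
    print("create response:", created)
    print("db row:", store.dump_row(created["pushApplicationID"]))
    print("auth ok:", store.authenticate(created["pushApplicationID"],
                                         created["masterSecret"]))
```

With a hash at rest, a single database key is no longer needed and the "derive only the IV" alternative mentioned above does not arise; the trade-off is that the server cannot display or recover the secret, which is exactly the UX point raised in the question. If per-request PBKDF2 is too expensive for a busy sender endpoint, an HMAC of the secret under a key held outside the database (a vault or environment secret) gives the same protection against database readers at far lower cost.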