On Wed, Sep 18, 2013 at 9:40 PM, Bruno Oliveira <bruno@abstractj.org> wrote:
I guess that what do you want is PBKDF2 aka password key derivation or
maybe hashing, right?

yep, exactly
 
That's exactly what we are trying to achieve with
"AGSEC-XX: Provide easy to use cryptography interface"

OK
 

I can't see any reasons to keep that jira on AGSEC, but it seems just a

Ok, at some point you said all 'sec related issues' should go to AGSEC, otherwise hard for you to track.
I am fine in not having it in AGSEC, if you prefer the issue to be on AGPUSH instead.

 
duplicated jira or specifics to AGPUSH. At the end of the day, AGSEC
will solve UnifiedPush, SimplePush and other issues on AeroGear, I hope.
Please read carefully the proposal and let me know.

Matthias Wessendorf wrote:
> No it has nothing to do with an iOS device at all. It's really for the
> UnifiedPush Server only.
> For iOS notification you need a certificate and a passphrase:
> https://github.com/aerogear/aerogear-unifiedpush-server#ios-variant
>
> The passphrase is stored in plain text on the server, I filed this
> ticket for adding hashing/salting.
> https://issues.jboss.org/browse/AGPUSH-210
>
> Since this is a 'security' related item I created the AGSEC-89 for the
> real work, and keeping the AGPUSH item as reference only.

--
abstractj



_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev



--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf