Re: [aerogear-dev] Security.next - Encrypt all the things and your feedback
I guess that what do you want is PBKDF2 aka password key derivation or
maybe hashing, right? That's exactly what we are trying to achieve with
"AGSEC-XX: Provide easy to use cryptography interface"
I can't see any reasons to keep that jira on AGSEC, but it seems just a
duplicated jira or specifics to AGPUSH. At the end of the day, AGSEC
will solve UnifiedPush, SimplePush and other issues on AeroGear, I hope.
Please read carefully the proposal and let me know.
Matthias Wessendorf wrote:
No it has nothing to do with an iOS device at all. It's really
for the
UnifiedPush Server only.
For iOS notification you need a certificate and a passphrase:
https://github.com/aerogear/aerogear-unifiedpush-server#ios-variant
The passphrase is stored in plain text on the server, I filed this
ticket for adding hashing/salting.
https://issues.jboss.org/browse/AGPUSH-210
Since this is a 'security' related item I created the AGSEC-89 for the
real work, and keeping the AGPUSH item as reference only.
--
abstractj
Attachments:
- signature.asc (application/pgp-signature — 495 bytes)