On Wed, Feb 5, 2014 at 9:02 PM, Bruno Oliveira <bruno(a)abstractj.org> wrote:
On February 5, 2014 at 5:47:24 PM, Matthias Wessendorf
(matzew(a)apache.org)
wrote:
> > yeah, but that is really per variant, not global. So we would
> need a lot of these secret file :-)
You've probably misunderstood what I said, but that would be silly and
impractical, I didn't say that, right? If you don't want to require an
input every time, make use of SINGLE key to encrypt the passphrases that's
what was suggested.
>
>
>
> Perhaps I am wrong, but I feel that if (for iOS variants) we start
> to require "password_to_my_superpassphrase" on the request
> for creating the logical construct of the variant,
> and use the same for the Sender, we would have that magical password,
That's what I've already mentioned, the password MUST be provided. And
there are a gazillion of solutions to the same problem outside there.
> but I fear that this opens a new can of worms.
Why?
isn't is a problem if some backend app has to store this password as well?
In order to have their batch system (or what ever) being able to trigger
push message delivery ?
>
>
> The AGPUSH-358 ticket is still yours :-) I just felt looking at
> it, while reading up on our crypto bits.
I don't bother whoever will solve this ticket. If you want to jump in,
feel free to reassign to you, if don't I can look at this on the next week.
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf