[aerogear-dev] Security.next - Encrypt all the things and your feedback
Matthias Wessendorf
matzew at apache.org
Wed Sep 18 11:56:32 EDT 2013
One thing:
https://issues.jboss.org/browse/AGSEC-89
is not really something _on_ iOS; On the UnifiedPush Server the passphrase
for the certifcate is stored plain text, should be improved by hashing and
salting.
So, not sure if we want to remove that AGSEC-89 ticket
On Wed, Sep 18, 2013 at 5:56 PM, Matthias Wessendorf <matzew at apache.org>wrote:
>
>> <strike>
>>
>> * AGSEC-6: Encryption for mobile devices
>>
>> * AGSEC-89: Encryption for iOS
>>
>> </strike>
>>
>
> One thing:
> https://issues.jboss.org/browse/AGSEC-89
> is not really something _on_ iOS; On the UnifiedPush Server the passphrase
> for the certifcate is stored plain text, should be improved by hashing
> and salting.
>
> So, not if we want to remove that AGSEC-89 ticket
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
>
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20130918/865b9ea7/attachment.html
More information about the aerogear-dev
mailing list