[jboss-jira] [JBoss JIRA] (ELY-1257) Remove credentials key-pair and public-key-pem from Elytron client configuration file

Darran Lofthouse (JIRA) issues at jboss.org
Sun Aug 20 06:39:16 EDT 2017 

     [ https://issues.jboss.org/browse/ELY-1257?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse reassigned ELY-1257:
-------------------------------------

    Assignee:     (was: Darran Lofthouse)


> Remove credentials key-pair and public-key-pem from Elytron client configuration file
> -------------------------------------------------------------------------------------
>
>                 Key: ELY-1257
>                 URL: https://issues.jboss.org/browse/ELY-1257
>             Project: WildFly Elytron
>          Issue Type: Bug
>    Affects Versions: 1.1.0.Beta52
>            Reporter: Ondrej Lukas
>            Priority: Critical
>
> Based on following discussion with [~dmlloyd]:
> {quote}
> > - key-pair - what is the reason for this credential element? How it can be used?
> This is for key-based authentication mechanisms, like SSH.  We're also 
> developing a key-based SASL mechanism [1] that will hopefully make some 
> progress in the next quarter (and is open to contribution from all).
> > - public-key-pem - I do not understand reason of this credentials on client side. I would be able to understand private-key-pem. Is this element correct or should be removed?
> A public key could be used for the purposes of server verification.  We 
> don't yet have a way to establish a means to authenticate servers 
> though, other than using a trust store; this is something that will 
> probably be developed in conjunction with [1].
> [1] https://github.com/dmlloyd/pk-rfc
> {quote}
> we suggest to remove {{key-pair}} and {{public-key-pem}} from {{configuration.authentication-client.authentication-configurations.configuration.credentials}} in Elytron client configuration file. We can introduce those credentials once it will be implemented. Provided credentials for mechanisms which are currently not supported in Elytron can be confusing and can result in incorrect client configuration.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list