This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/discussion/do/listPosts/projects.ggf-editor/discussion.rec_secure_communication_profile.topc4184 at Thu, 03 Nov 2022 23:20:45 GMT

Forum Topic - Server Certificate Provided policies: (2 Items)
 
 
Server Certificate Provided policies
Section 6.6 "Mutually-Authenticated TLS with Server Certificate Provided" and 6.4 "Server-Authenticated TLS with Server
Certificate Provided" propose policies that allow for verification of the server through a certificate included in the
policy. The document recognises the potential problems with this if the policy is acquired through unsecured means, but
still allows them. I think that the possibility of compromise seriously weakens these policies. I wonder if a chain of
trust will be maintained with proper diligence by the creators of the consuming software? I can see that it is
convenient and, when properly implemented, will be very useful, to transfer server certificates - but it does have the
potential of causing security problems in poor implementations.
Re: Server Certificate Provided policies
Resolved: added extra descriptive text discussing the issues of security policy trustworthiness.

-Duane

 
 

