Re: Forbid connexions when no passphrase

From: Greg Wooledge (wooledg@eeg.ccf.org)
Date: 03/20/03

  • Next message: Jason Rimmer: "Bad packet length... argh"
    Date: Thu, 20 Mar 2003 08:37:10 -0500
    From: Greg Wooledge <wooledg@eeg.ccf.org>
    To: "Turenne, Eric" <eric@sen.dyndns.org>
    
    

    On Wed, Mar 19, 2003 at 07:46:51AM +0100, Turenne, Eric wrote:
    > Is there a way to forbid connexions from users who have
    > created passwordless (passsphraseless ?) private keys ?

    No, there isn't, because the client does not reveal to the server
    any information about the user's passphrase, or lack thereof. It
    merely uses a zero-knowledge proof that it holds the private key,
    to prove to the server that it's allowed to connect.


  • Next message: Jason Rimmer: "Bad packet length... argh"

    Relevant Pages

    • Re: Location of users private key in PKI solution
      ... If clients and server are Windows platforms, check out CAPICOM as it would ... > It sounds as though I should design the system so that the client ... > application performs the signing operation as that is the most likely ... >> The private key is typically located on the users machine. ...
      (microsoft.public.security)
    • Re: Location of users private key in PKI solution
      ... If clients and server are Windows platforms, check out CAPICOM as it would ... > It sounds as though I should design the system so that the client ... > application performs the signing operation as that is the most likely ... >> The private key is typically located on the users machine. ...
      (microsoft.public.win2000.security)
    • Re: Location of users private key in PKI solution
      ... It sounds as though I should design the system so that the client ... signing/verification technology incorporated into the server. ... Presumably the steps in signing will be as follows: ... > The private key is typically located on the users machine. ...
      (microsoft.public.win2000.security)
    • Re: What doesnt lend itself to OO?
      ... >> proxy and instructs the server to constuct the real object. ... rather than client code. ... If 'clock' is instantiated in the server, ... > for the server interface at the OOA level. ...
      (comp.object)
    • Re: Location of users private key in PKI solution
      ... It sounds as though I should design the system so that the client ... signing/verification technology incorporated into the server. ... Presumably the steps in signing will be as follows: ... > The private key is typically located on the users machine. ...
      (microsoft.public.security)