Re: Cryptography and Site Security: Please critique my security idea
From: Robert Paris (rpjava@hotmail.com)
Date: 03/26/03
- In reply to: Sebastian Hoehn: "Re: Cryptography and Site Security: Please critique my security idea"
From: rpjava@hotmail.com (Robert Paris) Date: 26 Mar 2003 10:14:43 -0800
Sebastian Hoehn <shoehn@web.de> wrote in message news:<3E816B6F.9060103@web.de>...
> Hi,
> I guess your idea is not very safe. The problem is you establish a key
> server. So the secrecy of your documents depends completely on the
> secrecy of this server. Who can guarantee for that?
Wait, what are you talking about? As I stated, there is no access to
the computer housing the keys from the client, the server or outside
the internal network. Of course SOMEONE has to have access to those
keys, but that is only one or two authorized people. They manage all
the keys. You certainly can't give access to the keys to no one. And
they have to explicitly access those keys to do something with them,
so we can monitor that.
> The problem you have cannot really be solved as long as you have some
> "legitimate" users. There will always be a way to get illegitimate
> access. Why don't you set the documents server behind a firewall with
> just port 443 for ssl open. So the "only entrance" to that is the SSL
> Browser. So there is no other vulnerability than that of the SSL Protocol.
> Now you can be pretty sure that the only problem you face is your web
> application.
It will be behind a firewall, but that's NOT a guarantee no one can
break into the box. (Whether through hacking or through someone
letting them get access directly into the box)
> Another security addon you could have is simply encrypt your documents
> and use a servlet for decryption before delivery.
???!!! Did you read what I posted? Please go back and read it again.