| Subject | Re: Encryption for embedded server |
|---|---|
| Author | Roman Rokytskyy |
| Post date | 2004-09-28T20:59:58Z |
Sean,
authentication in Java. Note, not every time you want the client to
know the encryption key. In my example the key is assigned by the
security plugin after the successful authentication. It is still a
security plugin.
performant solution, some other would require symmentric encryption,
and others would only by PKI encryption.
network protocol). That's the question of available extension points.
Roman
> Why do you want to relate user authentication issues with fileOne of the possible solutions I described in my post about JAAS
> encryption? They seem to be "apples and oranges".
>
> Or are you using "security plugin" as a term under which you are
> grouping families of functions/hooks which can be handed off to
> external functions?
authentication in Java. Note, not every time you want the client to
know the encryption key. In my example the key is assigned by the
security plugin after the successful authentication. It is still a
security plugin.
> Why require a plug-in for the default functionality which should beBecause one might want simple XORing as a relatively secure and
> defined in the engine?
performant solution, some other would require symmentric encryption,
and others would only by PKI encryption.
> Shouldn't the plug-ins only register for functions/hooks which theyRight, some kind of callback. Or even replace a layer (for example the
> want to 'intercept'? Much like a callback can be registered and
> then called/invoked as required but if none are define nothing is
> called.
network protocol). That's the question of available extension points.
Roman