Subject RE: [firebird-support] Tie X.509 certificate to username
Author Koen Vermeer
On Mon, 2007-07-09 at 23:44 +1000, Alan McDonald wrote:
> > Just to explain why: Suppose that user A and user B both have a
> > different, but valid certificate. They can both use their
> certificate to
> > connect to the server, but then use the username of the other user
> to
> > log in. I want to make sure that each user is connected with his/her
> > specific certificate.
> why do you give all your users the same password?

Thanks for your reply. I guess my explanation could have been better. I
meant to say: 'but then use the username/password of the other user to
log in'.

What I am trying to achieve is a strong authentication, based on
'something you have' and 'something you know'. Therefore, I'd like to
use a certificate ('something you have') and a password ('something you
know'). Alternatively, I can protect the certificate with a passphrase.

In my application, I want to make sure that data from two users cannot
be mixed up by any means, either due to a mistake, or on purpose.