Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-16 Thread Josh Fisher
Kern Sibbald wrote:
> On Thursday 15 March 2007 16:40, Jorj Bauer wrote:
>
>>> Bacula does its normal HMAC-MD5 password authentication
>>>
>> I never meant to imply that it did not, although my message was
>> obviously interpreted that way by at least two people.
>>
>>> The FD ad

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-15 Thread Kern Sibbald
On Thursday 15 March 2007 16:40, Jorj Bauer wrote:
> > Bacula does its normal HMAC-MD5 password authentication
>
> I never meant to imply that it did not, although my message was
> obviously interpreted that way by at least two people.
>
> > The FD address cannot be part of the certificate (CN or a

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-15 Thread Kern Sibbald
On Thursday 15 March 2007 16:46, Jorj Bauer wrote:
> On Thu, Mar 15, 2007 at 12:04:00AM +0100, Kern Sibbald wrote:
> > On Wednesday 14 March 2007 22:29, Landon Fuller wrote:
> > > On Mar 14, 2007, at 13:41, Jorj Bauer wrote:
> > > > Let's take the DNS security issue off the table for the moment.
>

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-15 Thread Jorj Bauer
On Thu, Mar 15, 2007 at 12:04:00AM +0100, Kern Sibbald wrote:
> On Wednesday 14 March 2007 22:29, Landon Fuller wrote:
> > On Mar 14, 2007, at 13:41, Jorj Bauer wrote:
> > > Let's take the DNS security issue off the table for the moment.
> > > As I mentioned at some point, that's mostly paranoia. A

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-15 Thread Jorj Bauer
> Bacula does its normal HMAC-MD5 password authentication

I never meant to imply that it did not, although my message was obviously interpreted that way by at least two people.

> The FD address cannot be part of the certificate (CN or any other field)
> if roaming FDs are ever to be supported.

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-15 Thread Josh Fisher
Jorj Bauer wrote:
> I didn't actually craft this patch to address any TLS weakness; I wrote
> it to address a feature flaw/conflict.
>
> Let's take the DNS security issue off the table for the moment.
> As I mentioned at some point, that's mostly paranoia. As you say, you'd
> have to compromise bo

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-14 Thread Kern Sibbald
On Wednesday 14 March 2007 22:29, Landon Fuller wrote:
> On Mar 14, 2007, at 13:41, Jorj Bauer wrote:
> > Let's take the DNS security issue off the table for the moment.
> > As I mentioned at some point, that's mostly paranoia. As you say, you'd
> > have to compromise both DNS and one of the ro

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-14 Thread Kern Sibbald
Hello Landon,

On Wednesday 14 March 2007 20:34, Landon Fuller wrote:
> Sorry for the late arrival. An opendarwin.org e-mail hiccup ate my
> subscription.
>
> Kern Sibbald wrote:
> > Well, I care, and I don't trust DNS at all. From what I read here,
> > IMO the current implementation is nothing lik

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-14 Thread Landon Fuller
On Mar 14, 2007, at 13:41, Jorj Bauer wrote: Let's take the DNS security issue off the table for the moment. As I mentioned at some point, that's mostly paranoia. As you say, you'd have to compromise both DNS and one of the root CAs to exploit it. I only mentioned it for those that are total

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-14 Thread Jorj Bauer
I didn't actually craft this patch to address any TLS weakness; I wrote it to address a feature flaw/conflict. Let's take the DNS security issue off the table for the moment. As I mentioned at some point, that's mostly paranoia. As you say, you'd have to compromise both DNS and one of the root CAs

Re: [Bacula-users] [Bacula-devel] Feature request: more flexible TLS cert validation

2007-03-14 Thread Landon Fuller
Sorry for the late arrival. An opendarwin.org e-mail hiccup ate my subscription. Kern Sibbald wrote: Well, I care, and I don't trust DNS at all. From what I read here, IMO the current implementation is nothing like I imagined -- it is not the state of the art in security. With ssh, I gener