Re: Where to store client PEM certificates for an application

2009-01-02 Thread Michael S. Zick
On Thu January 1 2009, Victor Duchovni wrote: > On Thu, Jan 01, 2009 at 06:26:49PM -0800, David Schwartz wrote: > > > > > Edward Diener wrote: > > > > > > 1) You need someone to confirm that having a client use a > > > > known-compromised > > > > private key to authenticate over SSL is no worse

Re: Where to store client PEM certificates for an application

2009-01-01 Thread Victor Duchovni
On Thu, Jan 01, 2009 at 06:26:49PM -0800, David Schwartz wrote: > > Edward Diener wrote: > > > > 1) You need someone to confirm that having a client use a > > > known-compromised > > > private key to authenticate over SSL is no worse than the > > > client using no > > > key at all. It seems to m

RE: Where to store client PEM certificates for an application

2009-01-01 Thread David Schwartz
Edward Diener wrote: > > 1) You need someone to confirm that having a client use a > > known-compromised > > private key to authenticate over SSL is no worse than the > > client using no > > key at all. It seems to me like you'd almost have to try to make this a > > problem, but who knows -- mayb

Re: Where to store client PEM certificates for an application

2009-01-01 Thread Michael S. Zick
On Thu January 1 2009, Edward Diener wrote: > Michael S. Zick wrote: > > On Thu January 1 2009, Edward Diener wrote: > >> Perhaps you're seeing this shows why I was at least nominally concerned > >> about the MySQL client having its own public key-private key > >> certificates. I have tried to find

Re: Where to store client PEM certificates for an application

2009-01-01 Thread Edward Diener
David Schwartz wrote: Edward Diener wrote: Perhaps you're seeing this shows why I was at least nominally concerned about the MySQL client having its own public key-private key certificates. I have tried to find out what actual use the client's public key-private key has in MySQL, from either the

Re: Where to store client PEM certificates for an application

2009-01-01 Thread Edward Diener
Michael S. Zick wrote: On Thu January 1 2009, Edward Diener wrote: Perhaps you're seeing this shows why I was at least nominally concerned about the MySQL client having its own public key-private key certificates. I have tried to find out what actual use the client's public key-private key has i

RE: Where to store client PEM certificates for an application

2009-01-01 Thread David Schwartz
Edward Diener wrote: > Perhaps you're seeing this shows why I was at least nominally concerned > about the MySQL client having its own public key-private key > certificates. I have tried to find out what actual use the client's > public key-private key has in MySQL, from either the client or the >

Re: Where to store client PEM certificates for an application

2009-01-01 Thread Michael S. Zick
On Thu January 1 2009, Michael S. Zick wrote: > http://dev.mysql.com/doc/refman/5.1/en/grant.html > On Thu January 1 2009, Edward Diener wrote: > > Perhaps you're seeing this shows why I was at least nominally concerned > > about the MySQL client having its own public key-private key > > certific

Re: Where to store client PEM certificates for an application

2009-01-01 Thread Michael S. Zick
On Thu January 1 2009, Edward Diener wrote: > Perhaps you're seeing this shows why I was at least nominally concerned > about the MySQL client having its own public key-private key > certificates. I have tried to find out what actual use the client's > public key-private key has in MySQL, from eit

Re: Where to store client PEM certificates for an application

2009-01-01 Thread Edward Diener
David Schwartz wrote: I can understand your summary quite clearly. Great. Suppose the server encrypts data it sends to the client and the client needs to decrypt that data. This is the case when my client SELECTs data from the MySQL database. Does this need a different sequence than the seque

RE: Where to store client PEM certificates for an application

2008-12-31 Thread David Schwartz
> I can understand your summary quite clearly. Great. > Suppose the server encrypts data it sends to the client and the client > needs to decrypt that data. This is the case when my client SELECTs data > from the MySQL database. Does this need a different sequence than the > sequence mentioned a

Re: Where to store client PEM certificates for an application

2008-12-31 Thread Edward Diener
Scott Gifford wrote: Edward Diener writes: [...] [...] For what books do I look to specifically understand how these certificates work with public key-private key pairs ? SSL books ? Cryptography public key-private key books ? For a general understanding of cryptography, I learned from Bruc

Re: Where to store client PEM certificates for an application

2008-12-31 Thread Edward Diener
David Schwartz wrote: Edward Diener wrote: In this last case I do not understand how the client can encrypt data going to the server if it has no private key of its own. Your question is kind of puzzling. Why would the client need its own private key in order to encrypt data going to the ser

RE: Where to store client PEM certificates for an application

2008-12-31 Thread David Schwartz
Edward Diener wrote: > In this last case I do not understand how the client can encrypt data > going to the server if it has no private key of its own. Your question is kind of puzzling. Why would the client need its own private key in order to encrypt data going to the server? In general, priv

Re: Where to store client PEM certificates for an application

2008-12-31 Thread Scott Gifford
Edward Diener writes: [...] > In this last case I do not understand how the client can encrypt > data going to the server if it has no private key of its own. Each combination of algorithms that can be used when only one party has a key must provide some way to do this. When RSA is used and on

Re: Where to store client PEM certificates for an application

2008-12-30 Thread Victor Duchovni
On Tue, Dec 30, 2008 at 02:26:20PM -0500, Edward Diener wrote: > Victor Duchovni wrote: > >On Mon, Dec 29, 2008 at 12:55:14AM -0500, Edward Diener wrote: > > > >>My assumptions from what I could glean from the certificates distributed > >>is that the CA-cert.pem is the same for client and server,

Re: Where to store client PEM certificates for an application

2008-12-30 Thread Edward Diener
Victor Duchovni wrote: On Mon, Dec 29, 2008 at 12:55:14AM -0500, Edward Diener wrote: My assumptions from what I could glean from the certificates distributed is that the CA-cert.pem is the same for client and server, while the server-cert.pem is a public key corresponding to the private clie

Re: Where to store client PEM certificates for an application

2008-12-28 Thread Victor Duchovni
On Mon, Dec 29, 2008 at 12:55:14AM -0500, Edward Diener wrote: > My assumptions from what I could glean from the certificates distributed > is that the CA-cert.pem is the same for client and server, while the > server-cert.pem is a public key corresponding to the private > client-key.pem, and t
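Two points in this thread can be checked at a terminal rather than argued about: Scott Gifford's point that under RSA key exchange the client needs nothing but the server's public key to send the server a secret, and the original poster's assumption above that server-cert.pem is the public half of client-key.pem. The script below is an added example for this archive page, not code posted by anyone in the thread. It uses only the openssl command-line tool to issue, from one private CA, the three PEM files a MySQL client is given (ca-cert.pem, client-cert.pem, client-key.pem, names taken from the MySQL manual's examples) plus the server's own pair, and then runs the checks. The names "Demo CA", "db.example.test" and "app-client" are made up for the demo; the final line prints the subject and issuer DNs in the slash-separated form that the REQUIRE SUBJECT / REQUIRE ISSUER clauses on the GRANT page Michael S. Zick linked compare against, which is the only situation in which the client's key and certificate matter to MySQL at all (with plain REQUIRE SSL the server never asks for them).

```shell
#!/bin/sh
# Added example (not from the thread). Issues a CA, a server pair and a client
# pair with the openssl CLI, then checks what each file is actually for.
# File names follow the MySQL manual's examples; "Demo CA", "db.example.test"
# and "app-client" are made-up names. Runs in a temp dir removed on exit.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# One private CA, 2048-bit RSA keys. -nodes leaves keys unencrypted so the
# demo is non-interactive; a real CA key stays passphrase-protected, offline.
make_pki() {
    openssl req -x509 -sha256 -newkey rsa:2048 -nodes -days 365 \
        -subj "/CN=Demo CA" -keyout ca-key.pem -out ca-cert.pem 2>/dev/null
    openssl req -sha256 -newkey rsa:2048 -nodes -subj "/CN=db.example.test" \
        -keyout server-key.pem -out server-req.pem 2>/dev/null
    openssl x509 -req -sha256 -in server-req.pem -CA ca-cert.pem \
        -CAkey ca-key.pem -set_serial 1 -days 365 -out server-cert.pem 2>/dev/null
    openssl req -sha256 -newkey rsa:2048 -nodes -subj "/CN=app-client" \
        -keyout client-key.pem -out client-req.pem 2>/dev/null
    openssl x509 -req -sha256 -in client-req.pem -CA ca-cert.pem \
        -CAkey ca-key.pem -set_serial 2 -days 365 -out client-cert.pem 2>/dev/null
}

# Does the CA in ca-cert.pem vouch for this certificate? This is what each
# side of the TLS handshake checks about the peer's certificate.
verify_chain() {
    openssl verify -CAfile ca-cert.pem "$1" >/dev/null 2>&1
}

# Do this private key and this certificate carry the same public key?
# True for client-key.pem/client-cert.pem, false for client-key.pem/
# server-cert.pem: the server cert holds the server's key, not the client's.
key_matches_cert() {
    [ "$(openssl pkey -in "$1" -pubout 2>/dev/null)" = \
      "$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null)" ]
}

# Distinguished names in the slash form ("/CN=app-client") that MySQL's
# GRANT ... REQUIRE SUBJECT / REQUIRE ISSUER clauses compare against.
subject_dn() { openssl x509 -in "$1" -noout -subject -nameopt compat | sed 's/^[^/]*//'; }
issuer_dn()  { openssl x509 -in "$1" -noout -issuer  -nameopt compat | sed 's/^[^/]*//'; }

# RSA key transport, as in the classic SSL RSA key exchange: the client takes
# the public key out of server-cert.pem and encrypts a fresh secret that only
# the holder of server-key.pem can recover. client-key.pem plays no part.
rsa_key_transport() {
    openssl x509 -in server-cert.pem -noout -pubkey > server-pub.pem
    openssl rand -hex 24 > premaster.txt                 # client side
    openssl pkeyutl -encrypt -pubin -inkey server-pub.pem \
        -in premaster.txt -out premaster.enc             # client side
    openssl pkeyutl -decrypt -inkey server-key.pem \
        -in premaster.enc -out premaster.dec             # server side
    [ "$(cat premaster.txt)" = "$(cat premaster.dec)" ]
}

make_pki
for f in server-cert.pem client-cert.pem; do
    verify_chain "$f" && echo "$f: issued by $(issuer_dn "$f")"
done
key_matches_cert client-key.pem client-cert.pem && echo "client-key.pem matches client-cert.pem"
key_matches_cert client-key.pem server-cert.pem || echo "client-key.pem does NOT match server-cert.pem"
rsa_key_transport && echo "server recovered the client's secret; no client key was involved"
echo "REQUIRE SUBJECT '$(subject_dn client-cert.pem)' AND ISSUER '$(issuer_dn client-cert.pem)'"
```

The last line is the value to paste into a MySQL GRANT if the server is meant to accept only this particular client certificate; with REQUIRE X509 any certificate the CA signed is accepted, and with REQUIRE SSL alone the client's certificate and key are never requested, so shipping them with the application adds nothing.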

Re: Where to store client PEM certificates for an application

2008-12-28 Thread Edward Diener
Ger Hobbelt wrote: On Fri, Dec 26, 2008 at 7:28 PM, Edward Diener wrote: I appreciate all the information you presented which I have snipped out in giving my response below. Money may be less of an issue than ease of use. This is a commercial application which however needs good security t

Re: Where to store client PEM certificates for an application

2008-12-28 Thread Michael S. Zick
On Sun December 28 2008, Ger Hobbelt wrote: > > And all that fuss, just because you've woken up and inquired about > security / protection technology, instead of ignoring the subject and > waiting for a nasty surprise down the road. Dang! ;-)) > You did well to ask, indeed. Even if the result m

Re: Where to store client PEM certificates for an application

2008-12-28 Thread Ger Hobbelt
On Fri, Dec 26, 2008 at 7:28 PM, Edward Diener wrote: > If I can get a little finicky, the application needs access to the > database/server. Nobody else should be accessing it. But I am sure that is > what you meant. > > The clients are to be trusted using the application. My employer, not I, > f

RE: Where to store client PEM certificates for an application

2008-12-27 Thread David Schwartz
Edward Diener: > But other than vague remonstrances about security planning, and that I > was not qualified as a mere "programmer" to handle security issues from > people who have no idea about my ability, I have yet to receive any > specifics from others about what they would do in this very com

Re: Where to store client PEM certificates for an application

2008-12-27 Thread Michael S. Zick
On Sat December 27 2008, Michael S. Zick wrote: > > The application note was on an authentication device, but troll the > product catalog, they make models for storing/protecting private keys. > > Or, you can find people who do the trolling and decision making for-hire. > Start here: http://ww

Re: Where to store client PEM certificates for an application

2008-12-27 Thread Victor Duchovni
On Sat, Dec 27, 2008 at 07:33:19AM -0600, Michael S. Zick wrote: > They have to "install" your application also. Let the installation > and/or registration process write the button also. > You can't write the button for the client, you don't have the client's > private key (the only thing worth p

Re: Where to store client PEM certificates for an application

2008-12-27 Thread Michael S. Zick
On Fri December 26 2008, Edward Diener wrote: > Michael S. Zick wrote: > > On Fri December 26 2008, Edward Diener wrote: > >> By 'dongle' do you mean a hardware 'dongle'. If it is a software dongle > >> you need to spell out for me what you mean. > >> > > > > There are a lot of devices being mark

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Edward Diener
Michael S. Zick wrote: On Fri December 26 2008, Edward Diener wrote: By 'dongle' do you mean a hardware 'dongle'. If it is a software dongle you need to spell out for me what you mean. There are a lot of devices being marketed for this purpose, but as an example that it needs to be neither c

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Patrick Patterson
Hi Edward: Ok - I'm going to reply, but I'm also going to top post, since doing a point by point discussion isn't going to help. The concept of Private/Public key cryptography (of which X.509 Certificates are one invocation), is that a single private key belongs to a single security principal. Th

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Edward Diener
Kyle Hamilton wrote: First: I have suggested such, in the message where I stated that many hotels don't allow connections on port 3306 (which is MySQL's standard data port). Create a proxy that sits on a webserver, using XML-RPC to accept requests from the client. Perform whatever logic checki

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Kyle Hamilton
First: I have suggested such, in the message where I stated that many hotels don't allow connections on port 3306 (which is MySQL's standard data port). Create a proxy that sits on a webserver, using XML-RPC to accept requests from the client. Perform whatever logic checking you need there, and

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Michael S. Zick
On Fri December 26 2008, Edward Diener wrote: > > By 'dongle' do you mean a hardware 'dongle'. If it is a software dongle > you need to spell out for me what you mean. > There are a lot of devices being marketed for this purpose, but as an example that it needs to be neither complicated program

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Victor Duchovni
On Fri, Dec 26, 2008 at 01:28:27PM -0500, Edward Diener wrote: > If I can get a little finicky, the application needs access to the > database/server. Nobody else should be accessing it. But I am sure that > is what you meant. You trust your application, but not its users. This always because,

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Edward Diener
Ger Hobbelt wrote: Mr. Diener, What the folks here are saying is that your current scenario is a catch22: unless at least one part of the requirements (as perceived by your client) is changed, there is no way out. Put in other words used in the discussion so far: this fact turns any answer into

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Michael S. Zick
On Fri December 26 2008, Edward Diener wrote: > > From what others have written, I feel that I am right and coming up > with elaborate schemes of hiding the client certs from the end-user > until they are actually going to be used by client application code in > making the connection is largely

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Michael Sierchio
Edward Diener wrote: > Well I asked whether protection for the client side certs were needed, > and how this might be done, and I was told I was barking up the wrong > tree, so to speak. I felt this way from the very beginning but my > employer wanted to get other opinions. You are either unclear

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Ger Hobbelt
Mr. Diener, What the folks here are saying is that your current scenario is a catch22: unless at least one part of the requirements (as perceived by your client) is changed, there is no way out. Put in other words used in the discussion so far: this fact turns any answer into a "security theater".

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Edward Diener
Michael S. Zick wrote: On Fri December 26 2008, Edward Diener wrote: Kyle Hamilton wrote: If your company hires a security consultant, s/he will state the same thing. Thanks for your help but right now I am the programmer and "security consultant", and therefore I must come up with security an

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Michael S. Zick
On Fri December 26 2008, Edward Diener wrote: > Kyle Hamilton wrote: > > > > If your company hires a security consultant, s/he will state the same thing. > > Thanks for your help but right now I am the programmer and "security > consultant", and therefore I must come up with security answers. >

RE: Where to store client PEM certificates for an application

2008-12-26 Thread David Schwartz
Edward Diener > > Your scheme requires you to put the credentials where an > > attacker can get them in unencrypted form. All an attacker need > > do is terminate your process as soon as it attempts a network > > connection (or intercept its filesystem calls and snapshot every > > file before

RE: Where to store client PEM certificates for an application

2008-12-26 Thread David Schwartz
Edward Diener wrote: > Please suggest ways to do so. The server is no different from any other > server database. It accepts a username/password to prevent unauthorized > users from accessing its data. I am perfectly willing to listen to other > server techniques which involve security, or rea

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Edward Diener
David Schwartz wrote: Kyle Hamilton wrote: If your company hires a security consultant, s/he will state the same thing. -Kyle H The fundamental problem is this: You have one door. Every customer must walk through it. However, you don't want a customer to run amuck once he gets through the

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Edward Diener
Kyle Hamilton wrote: Mr Diener: This is, incidentally, why I call it "security theater" -- you're not gaining anything from the actions that you're going through, except "warm and fuzzies" of the people you're entertaining with it (in this case, your boss). You need to fix your server architect

RE: Where to store client PEM certificates for an application

2008-12-26 Thread David Schwartz
Kyle Hamilton wrote: > If your company hires a security consultant, s/he will state the > same thing. > > -Kyle H The fundamental problem is this: You have one door. Every customer must walk through it. However, you don't want a customer to run amuck once he gets through the door. Your solut

Re: Where to store client PEM certificates for an application

2008-12-26 Thread Kyle Hamilton
Mr Diener: This is, incidentally, why I call it "security theater" -- you're not gaining anything from the actions that you're going through, except "warm and fuzzies" of the people you're entertaining with it (in this case, your boss). You need to fix your server architecture, which is likely go

Re: Where to store client PEM certificates for an application

2008-12-25 Thread Victor Duchovni
On Wed, Dec 24, 2008 at 10:06:59PM -0500, Edward Diener wrote: > >It sounds like you are trying to implement DRM with an application that is > >running on untrusted hardware controlled by a potentially hostile user. > >You want to ensure that only your code has access to your server, and not > >mo

Re: Where to store client PEM certificates for an application

2008-12-25 Thread Michael S. Zick
On Wed December 24 2008, Edward Diener wrote: > - - - snip - - - > > > > This will not keep a cryptographer out of your application, but should > > pass the "warm and fuzzy" test. > > It may make it harder for a disruptive hacker. > That is what I meant, my own poor choice of words. Just want

RE: Where to store client PEM certificates for an application

2008-12-24 Thread David Schwartz
> No, my risk model is to simply ascertain whether distributing the certs > as files in the application directory is a serious security risk or not > and, if it is, what steps can make it less so. If it's a security risk, it's because something is broken someplace else. Why do you need to hide a

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Victor Duchovni wrote: On Wed, Dec 24, 2008 at 03:59:13PM -0500, Edward Diener wrote: I am working for an employer who will be selling a product to end users. The risk model is that my employer feels it would be bad if a hacker were able to easily understand where the client certs reside in the

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Michael S. Zick wrote: On Wed December 24 2008, Edward Diener wrote: Michael S. Zick wrote: On Wed December 24 2008, Edward Diener wrote: In a client application communicating with a MySQL server, I am using SSL to encrypt/decrypt data sent to and from the database. This requires me to have th

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Kyle Hamilton wrote: On Wed, Dec 24, 2008 at 1:27 PM, Edward Diener wrote: Kyle Hamilton wrote: If you're on Windows, it does make sense to include the PEMs for the CA (and chain) in the application directory. (See, for example, the software distribution of Second Life, which has its own CA f

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Victor Duchovni
On Wed, Dec 24, 2008 at 03:59:13PM -0500, Edward Diener wrote: > > I am working for an employer who will be selling a product to end users. > The risk model is that my employer feels it would be bad if a hacker > were able to easily understand where the client certs reside in the end > user appl

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Kyle Hamilton
On Wed, Dec 24, 2008 at 1:27 PM, Edward Diener wrote: > Kyle Hamilton wrote: >> >> If you're on Windows, it does make sense to include the PEMs for the >> CA (and chain) in the application directory. (See, for example, the >> software distribution of Second Life, which has its own CA for TLS >> a

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Michael S. Zick
On Wed December 24 2008, Edward Diener wrote: > Michael S. Zick wrote: > > On Wed December 24 2008, Edward Diener wrote: > >> In a client application communicating with a MySQL server, I am using > >> SSL to encrypt/decrypt data sent to and from the database. This requires > >> me to have the PEMs

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Kyle Hamilton wrote: If you're on Windows, it does make sense to include the PEMs for the CA (and chain) in the application directory. (See, for example, the software distribution of Second Life, which has its own CA for TLS authentication of its own grid servers.) For client certificates, thou

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
Michael S. Zick wrote: On Wed December 24 2008, Edward Diener wrote: In a client application communicating with a MySQL server, I am using SSL to encrypt/decrypt data sent to and from the database. This requires me to have the PEMs for the CA, client key, and client certificate distributed as pa

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Kyle Hamilton
If you're on Windows, it does make sense to include the PEMs for the CA (and chain) in the application directory. (See, for example, the software distribution of Second Life, which has its own CA for TLS authentication of its own grid servers.) For client certificates, though, it depends. If it'

Re: Where to store client PEM certificates for an application

2008-12-24 Thread Michael S. Zick
On Wed December 24 2008, Edward Diener wrote: > In a client application communicating with a MySQL server, I am using > SSL to encrypt/decrypt data sent to and from the database. This requires > me to have the PEMs for the CA, client key, and client certificate > distributed as part of the applicat

Where to store client PEM certificates for an application

2008-12-24 Thread Edward Diener
In a client application communicating with a MySQL server, I am using SSL to encrypt/decrypt data sent to and from the database. This requires me to have the PEMs for the CA, client key, and client certificate distributed as part of the application. Of course these certificates will not work excep