Hi,
I am just thinking of letting the applications not be security
aware..and do ssh tunneling to the various apps, in which case it
seems pretty secure..Doesnt it?
Thanks,
Sudharsan
On 6/6/06, Kyle Hamilton <[EMAIL PROTECTED]> wrote:
All applications must have the private key, or the public ke
All applications must have the private key, or the public key is
useless. And, a public key is worthless without knowing who or what
it belongs to, which is where certificates come in. (You have an SSH
private key that is used to match up to your SSH public key stored on
the server, for example.
Hi Kyle,
Thanks, I was wondering about the folloing scenario. I have a single
public key for all apps. Hoever no apps knows the pub key, and all i
do is SSH port forwarding. DOes this have any significant problems?
Thanks,
Sudharsan
On 6/6/06, Kyle Hamilton <[EMAIL PROTECTED]> wrote:
Every appl
Every application has its opportunity to be stupid and reveal the
private key. This is one reason that wildcard certificates are
generally frowned on as a "worse practice" -- any single one of the
softwares that use the private key can reveal it. (The mantra of
security is: "You have to succeed
Hi all,
I am just wondering if i could have multiple applications on a end
host share the same public key. Can this cause a pbm in the sense
there are more applications to target and a stupid one can reveal the
private key?
Or can there be other attacks posssible
Thanks,
Sudharsan
___
