river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simon IJskes - QCG <si...@qcg.nl>
Subject Re: WOT: trust bootstrapping
Date Thu, 29 Dec 2011 12:30:09 GMT
On 29-12-11 12:46, Peter wrote:

> By self signing your own certificates, the people at the other end still need a way to
id you're cert.
> This is the hardest part of cryptography to solve.
> There may not always be a user or person on the other end, so there needs to be a programmatic
alternative also.

Yes, this problem is what i tried to adress, or to avoid, by stating:

> One could have the trustmanager offer the unknown certificate for
> acceptance to the user, in order to allow authentication via external
> channels.

Authenticating the self signed certificate by electronic means from 
within the jini domain is unsolveable imho. Thats why i want to leave it 
up to the implementor of the application to solve the problem. User 
interfaces like bluetooth authentication spring to mind. The 
authentication problem is quite similar to bluetooth.

Gr. Sim

-- 
QCG, Software voor het MKB, 071-5890970, http://www.qcg.nl
Quality Consultancy Group b.v., Leiderdorp, Kvk Den Haag: 28088397

Mime
View raw message