On Sun, 2002-12-08 at 04:08, Henrik Nordstrom wrote:
> On Sunday 08 December 2002 07.17, Waitman C. Gobble, II wrote:
>
> > What about using a client certificate or digital signature to
> > authenticate? Anyone done that?
>
> This too is not possible if we are talking a proxy as there is no
> browsers supporting the use of SSL to proxies, and SSL is required to
> use certitifates in HTTP.
>
Well, somehow the proxy/server _needs_ to have the ability to ask the
client to identify itself with a digital signature. Perhaps the
technology is not yet in place but it _will_ be.
I think that the authentication process would be something like matching
a public key's fingerprint to a set of "allowed" keys on a keyring
located on the server. Or better yet, a public key "set" located on an
ldap directory. I hold the private key, and enable it's use when I "log
on" to my client machine, either by typing in a username/password, using
a keyed entry system, or fingerprint technology. The client machine
could be a desktop pc, cell phone, television set, microwave, toaster
oven, etc etc. When I make a request from the device, it is "signed" by
my key. The server receiving the request should be able to decide if the
client is allowed based on the public portion of the signature.
Information such as the source of the request, the username/password
entered on the client, etc shouldn't make any difference.
Down the road, I believe that usernames, passwords, credit card numbers,
contact information etc will be nonessential to authentication,
authorization, e-commerce, etc. Current methods of storing these types
of information on a server is a security risk, regardless of "how tight"
the security methods in place on the server.
Actually, IMHO credit card numbers _should_ be trivial enough to write
on the bathroom wall, but that is going _way_ OT.
I _don't_ believe that MS Passport technology is the answer. I don't
think that storing personal identification information on a remote
server is a viable solution in terms of privacy and security, unless
there is a guarantee that an individual is _absolutely_ required to
authorize a data transaction. For instance, even the administrator of
the server that holds the data should have _zero_ ability to read
contact information in the database, without a direct approval of the
individual. I believe that the passport thingy currently operates kind
of like the way credit reporting bureaus operate. Essentially _anyone_
can request the information without involving the individual.
I think that it all boils down to where one keeps their "loaded guns" -
keeping them on a remote publicly accessible device just isn't wise.
I am currently in the process of investigating means of implementation,
if anyone has comments I would certainly appreciate them!
Take care,
-- Waitman Gobble EMK Design Buena Park, California http://emkdesign.com +1.7145222528 waitman@emkdesign.com Public Key http://pgp.emkdesign.com Find an example http://freakinexample.com
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:55 MST