[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Network security manager

From: Lars Magne Ingebrigtsen
Subject: Re: Network security manager
Date: Tue, 18 Nov 2014 18:36:25 +0100
User-agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.51 (gnu/linux)

Ted Zlatanov <address@hidden> writes:

> LMI> GPG isn't feasible because nobody wants to type passwords.
> Whuhh?


> Yes, it's a bother.  We're talking about potentially dozens or hundreds
> of exceptions in a large enterprise.  But let's assume the `a' key is
> large and easy to hit.
> Scenario 1: you allow a compromised server accidentally.  You now can't
> review the exception list to remove that compromise.
> Scenario 2: someone allows a compromised server on purpose in a few
> seconds.  You have no idea it happened.
> I'm sure there are other scenarios, but please don't make this a
> write-only data store.

Well, we could have a setting that says that the NSM should re-query
security exceptions...

On the other hand, we could store the server names in plain text when we
store security exceptions to make reviews easier.  That is, keep the
hash-only thing for STARTTLS man-in-the-middle tracking and the like,
but if the user registers an exception, then we'd stash the server name
in there, too.

This would avoid leaving a complete list of STARTTLS servers in that
file, but still allow easy removal of specific exceptions.

(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]