[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Network security manager
From: |
Lars Magne Ingebrigtsen |
Subject: |
Re: Network security manager |
Date: |
Tue, 18 Nov 2014 22:06:01 +0100 |
User-agent: |
Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.51 (gnu/linux) |
Toke Høiland-Jørgensen <address@hidden> writes:
> Tangentially related, one thing I would like to be able to have, is to
> have multiple fingerprints stored for the same host,post tuple *at the
> same time*. I run into this problem with servers that do round-robin to
> different servers with different certs for the same hostname. I'd like
> to be able to store all of them at once (by, for instance, connecting a
> bunch of times and trusting the certificates one by one, and then know
> that after that a mismatch should be considered suspicious).
That should be easy to implement -- we can just allow the :fingerprint
slot to be a list and check against that.
But what would the user interface say? Today it says
The fingerprint for the connection to %s:%s has changed from\n%s to\n%s
Connect anyway? (no, session only, always)
So... erm...
Connect anyway? (no, session only, always, add new fingerprint)
No, that's two "a"'s...
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- Re: Network security manager, (continued)
- Re: Network security manager, Ted Zlatanov, 2014/11/18
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/19
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19
- Re: Network security manager, Ted Zlatanov, 2014/11/19
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19
- Re: Network security manager, Ted Zlatanov, 2014/11/19
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19
- Re: Network security manager, Ted Zlatanov, 2014/11/19
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/18
- Re: Network security manager,
Lars Magne Ingebrigtsen <=
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/18
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/18
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/18
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/18
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/18
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/18
- Re: Network security manager, Toke Høiland-Jørgensen, 2014/11/19
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19
- Re: Network security manager, Garreau\, Alexandre, 2014/11/19
- Re: Network security manager, Lars Magne Ingebrigtsen, 2014/11/19