From owner-freebsd-chat Tue Sep 30 05:27:20 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id FAA22569 for chat-outgoing; Tue, 30 Sep 1997 05:27:20 -0700 (PDT) Received: from bitbox.follo.net (bitbox.follo.net [194.198.43.36]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id FAA22564 for ; Tue, 30 Sep 1997 05:27:17 -0700 (PDT) Received: (from eivind@localhost) by bitbox.follo.net (8.8.6/8.8.6) id OAA22862; Tue, 30 Sep 1997 14:26:34 +0200 (MET DST) Date: Tue, 30 Sep 1997 14:26:34 +0200 (MET DST) Message-Id: <199709301226.OAA22862@bitbox.follo.net> From: Eivind Eklund To: Jeremy Lea CC: mike@smith.net.au, peter@grendel.IAEhv.nl, chat@FreeBSD.ORG In-reply-to: Jeremy Lea's message of Tue, 30 Sep 1997 10:07:11 +0200 Subject: Re: Microsoft brainrot (was: r-cmds and DNS and /etc/host.conf) References: <19970930011555.61645@grendel.IAEhv.nl> <199709300220.LAA02242@word.smith.net.au> <19970930100711.04631@shale.csir.co.za> Sender: owner-freebsd-chat@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk [Jeremy Lea] > A little thought says the primary weakness is that root@foo.bar's secret key > must be available to it in some open form, along with admin@bar's at various > times in the Java applet, and if they can be stolen then you have a hole. > But this is a known attack on PGP (and family), and if you are having this > kind of data snooped then you have probably already lost the battle. I dislike this part of it intensely, because PGP keys are usually more permanent entities than passwords. A malicious Java applet could get hold of my key, and probably also the rest of my files (given that it had access to get at the key). Mike are creating an infrastructure that hopefully will make many people create modules, thus making this a glaring hole. I'd much rather send my root password (over SSL) - that way, I can at least use S/Key. However, if we're going to use Java anyway, there are lots of crypto we could use - but will this be the easiest way of implementing the interface? Eivind.