[Freeipa-users] Use of FreeIPA or FreeIPA LDAP server to hold private keys

Stephen Gallagher sgallagh at redhat.com
Wed Aug 3 18:05:51 UTC 2011


On Wed, 2011-08-03 at 14:02 -0400, Ian Stokes-Rees wrote:
> 
> 
> On 8/3/11 1:46 PM, Stephen Gallagher wrote: 
> > Well, there exist central storage approaches that don't allow even
> > the local admin access to the data. The trade-off of course is that
> > they can't reinstate your access if you forget the password. In
> > other words, you can set a password that is used as a symmetric key
> > for encrypting your data in the central store. It's still central
> > and can be retrieved from anywhere, but only you know how to read
> > it. 
> 
> You still seem to be missing the relevance of unscrupulous
> administrators and compromised systems to "man in the middle" any
> interactions you have with this system.  Unless you never access the
> data yourself once the unscrupulous admin or attacker has gained
> access, then such a person can pretty easily intercept your password
> and get at your data.
> 
> Ian

No, the way that such a system would work is that the password would
never be passed to the central server. Only the encrypted data would be
sent and received. All decryption would happen locally. The most a
man-in-the-middle attack could accomplish would be damaging the file so
it couldn't be decrypted anymore. That could accomplish a
denial-of-service, but not grant the attacker privileges to use your
keys.
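The scheme Stephen describes, worked through as an added example (this is not code from the thread or from FreeIPA; it uses a plain dict as a stand-in for the central LDAP store, PBKDF2 for the password-to-key step, and HMAC-SHA256 in counter mode plus an HMAC tag as a stdlib-only stand-in for a real AEAD such as AES-GCM). The server only ever stores opaque blobs; the password and derived keys exist on the client. The tag is what turns a man-in-the-middle's tampering into a detected failure (denial of service) rather than silently decrypted garbage or a leaked key.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the central store (the FreeIPA/LDAP server in the
# thread). It only ever holds ciphertext blobs; it never sees the password.
CENTRAL_STORE = {}

SALT_LEN = 16
NONCE_LEN = 16
TAG_LEN = 32


def derive_keys(password, salt):
    """Derive independent encryption and MAC keys from the password.
    This runs on the client only: the password never leaves the client."""
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return km[:32], km[32:]


def keystream(enc_key, nonce, length):
    """HMAC-SHA256 driven in counter mode as a PRF-based stream cipher.
    A stand-in for AES-CTR so the example runs with the standard library."""
    out = bytearray()
    ctr = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:length])


def seal(password, plaintext):
    """Client side: encrypt-then-MAC the private key under a password-derived key."""
    salt = secrets.token_bytes(SALT_LEN)
    nonce = secrets.token_bytes(NONCE_LEN)
    enc_key, mac_key = derive_keys(password, salt)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    # The tag covers everything the server will hold, so any modification is caught.
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag


def open_blob(password, blob):
    """Client side: verify the tag first, then decrypt. A wrong password or a
    tampered blob both fail here; neither reveals anything to the server."""
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ct = blob[SALT_LEN + NONCE_LEN:-TAG_LEN]
    tag = blob[-TAG_LEN:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("blob was tampered with (or wrong password)")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc_key, nonce, len(ct))))


def upload(user, password, private_key):
    """Only ciphertext crosses the wire and lands in the central store."""
    CENTRAL_STORE[user] = seal(password, private_key)


def download(user, password):
    """Fetch the blob from the store and decrypt it locally."""
    return open_blob(password, CENTRAL_STORE[user])


def tamper_in_transit(user):
    """What a man-in-the-middle or a rogue admin can do: alter the stored blob."""
    blob = bytearray(CENTRAL_STORE[user])
    blob[SALT_LEN + NONCE_LEN + 8] ^= 0x01  # flip one bit inside the ciphertext
    CENTRAL_STORE[user] = bytes(blob)


def demo():
    """Returns (key_visible_to_server, roundtrip_ok, tampering_detected)."""
    key = b"-----BEGIN EXAMPLE KEY----- constructed sample bytes, not a real key"
    password = "correct horse battery staple"
    upload("ian", password, key)
    key_visible_to_server = key in CENTRAL_STORE["ian"]
    roundtrip_ok = download("ian", password) == key
    tamper_in_transit("ian")
    try:
        download("ian", password)
        tampering_detected = False
    except ValueError:
        tampering_detected = True
    return key_visible_to_server, roundtrip_ok, tampering_detected


if __name__ == "__main__":
    print(demo())
```

Two practical notes. First, the integrity tag is not optional: without it, the same bit flip would decrypt to corrupted key material with no error, and the user might not notice until signing or authentication fails elsewhere. Second, this design only removes the server and the network from the set of parties that must be trusted; the client where the password is typed still has to be trustworthy, since that is where the plaintext key exists.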

