[openssl-users] explicitly including other ciphers.

Ron Croonenberg ronc at lanl.gov
Mon Dec 7 19:27:32 UTC 2015


That is something we have been considering, but someone is going to 
bring up the fact that passwords would be in the clear.
It would be an option to have some sort of encrypted authentication 
'thing' over HTTP

No it is strictly for having users, on front ends authenticate so they 
will only have access to their own data/objects

On 12/03/2015 07:11 PM, Jakob Bohm wrote:
> Since the network is (as I understand it) physically secure
> against wiretapping, how about using plain http with http auth?
>
> Or are you trying to protect against TCP connection hijacks by
> other computers/processes on the "secure" network?
>
> On 04/12/2015 00:35, Ron Croonenberg wrote:
>> The network is isolated from the outside worl,   BUT  we still need
>> authentication because different users are using it.
>>
>> So what I preferably want is sort of a set up where,
>>
>> authentication is done the "standard way" and after that just use the
>> https connection without the overhead of actually encrypting anything.
>> (and the lesss modifications and recompiling the better)
>>
>> thanks,
>>
>> Ron
>>
>>
>> On 12/03/2015 02:50 PM, Richard Moore wrote:
>>>
>>>
>>> On 2 December 2015 at 17:53, Ron Croonenberg <ronc at lanl.gov
>>> <mailto:ronc at lanl.gov>> wrote:
>>>
>>>     So the idea is to use an object store on an isolated network and
>>>     push and get objects out of it using https.
>>>
>>>
>>> ​If network is fully isolated you could use plain text. Using 'https'
>>> and null encryption is basically just pretending to do security.
>>>
>
>
> Enjoy
>
> Jakob


More information about the openssl-users mailing list