[openssl-users] explicitly including other ciphers.
Jakob Bohm
jb-openssl at wisemo.com
Fri Dec 4 02:11:28 UTC 2015
Since the network is (as I understand it) physically secure
against wiretapping, how about using plain http with http auth?
Or are you trying to protect against TCP connection hijacks by
other computers/processes on the "secure" network?
On 04/12/2015 00:35, Ron Croonenberg wrote:
> The network is isolated from the outside worl, BUT we still need
> authentication because different users are using it.
>
> So what I preferably want is sort of a set up where,
>
> authentication is done the "standard way" and after that just use the
> https connection without the overhead of actually encrypting anything.
> (and the lesss modifications and recompiling the better)
>
> thanks,
>
> Ron
>
>
> On 12/03/2015 02:50 PM, Richard Moore wrote:
>>
>>
>> On 2 December 2015 at 17:53, Ron Croonenberg <ronc at lanl.gov
>> <mailto:ronc at lanl.gov>> wrote:
>>
>> So the idea is to use an object store on an isolated network and
>> push and get objects out of it using https.
>>
>>
>> ​If network is fully isolated you could use plain text. Using 'https'
>> and null encryption is basically just pretending to do security.
>>
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users
mailing list