Klaus Darilion wrote:
Version B:
- Validate the domain in the certificate against a local whitelist of
known trusted peers. E.g. I could have all the public certificates of the trusted peers stored locally, or just have a database table with the hostnames (as in the certificate) of the trusted peers. if (tls_is_from_trusted()) ..
Maybe this can be done outside the routing logic. If the client certificate is received, ser should verify if the domain in the certificate is on the whitelist. If yes, this TLS connection gets the "trusted flag" and can be easily queried in the routing logic without checking against the whitelist for each request.
regards klaus
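The "check once at handshake, query a trusted flag per request" idea from the post, as an added example written for this reply (not ser code). It assumes the certificate dict shape that Python's ssl.SSLSocket.getpeercert() returns, which is only populated once the TLS layer has already validated the chain, so an empty dict (unvalidated cert) can never become trusted; the whitelist, connection ids and sample certificates are constructed.

```python
# Whitelist of peer hostnames exactly as they appear in the peers' certificates (constructed).
TRUSTED_PEERS = {"sip.example.net", "proxy.example.org"}

# Constructed sample certificates in the dict form returned by ssl.SSLSocket.getpeercert().
PEER_CERT_TRUSTED = {
    "subject": ((("commonName", "sip.example.net"),),),
    "subjectAltName": (("DNS", "sip.example.net"), ("DNS", "alias.example.net")),
}
PEER_CERT_UNKNOWN = {
    "subject": ((("commonName", "sip.other.example"),),),
    "subjectAltName": (("DNS", "sip.other.example"),),
}


def cert_hostnames(cert):
    """DNS names the (already chain-validated) cert asserts: SAN dNSName entries,
    falling back to the subject CN only when the cert carries no SAN at all."""
    names = {value.lower() for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"}
    if not names:
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "commonName":
                    names.add(value.lower())
    return names


def is_whitelisted(cert, whitelist):
    """Exact match against the whitelist; an empty dict means the TLS layer did not
    validate the certificate, so the name inside it must not be believed."""
    if not cert:
        return False
    return any(name in whitelist for name in cert_hostnames(cert))


class TlsTrustRegistry:
    """Evaluate the whitelist once per TLS connection at handshake time and keep the
    result as a per-connection trusted flag that routing logic queries cheaply."""

    def __init__(self, whitelist):
        self.whitelist = frozenset(h.lower() for h in whitelist)
        self._trusted = {}  # connection id -> bool (hypothetical connection id)

    def on_handshake(self, conn_id, peer_cert):
        self._trusted[conn_id] = is_whitelisted(peer_cert, self.whitelist)

    def on_close(self, conn_id):
        self._trusted.pop(conn_id, None)  # never let a flag outlive its connection

    def tls_is_from_trusted(self, conn_id):
        return self._trusted.get(conn_id, False)  # unknown connection -> untrusted
```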