[Nut-upsdev] Client certificates
Arjen de Korte
nut+devel at de-korte.org
Tue Jan 11 21:15:16 UTC 2011
While browsing the sources of the nss-ssl-port sources I noticed that
client certificates were added. What is the reason behind this? As far
as I can see, using a server certificate and validating it in the
upsmon client should provide us with a secure channel. Authorizations
for the server will then be handled by the settings in upsd.users by
logging into the server with user and password (like we have done for
ages). What are client certificates going to add to this? We'll still
need the upsd.users to tie the certificates to operations allowed on
the upsd server (master or slave), so what benefit will using client
certificates have here? What problem are we solving with client
certificates?
Best regards, Arjen
--
Please keep list traffic on the list (off-list replies will be rejected)
More information about the Nut-upsdev
mailing list