While its a different configuration option from the vhost's SSL setting,
they don't have to be separate certificates (as long as the cosign server
recognizes the CA that signed the browser facing cert)
Liam
On Friday, February 6, 2015, Tom Boutell <t...@punkave.com> wrote:
> Thanks for the pointers. It would be a lot more approachable to do new
> implementations of cosign if there were a spec document like this one:
>
>
> http://jasig.github.io/cas/development/protocol/CAS-Protocol-Specification.html
>
> One of the key differences between Cosign and CAS seems to be the
> implementation of separate SSL certificates for Cosign's back-channel.
> I'm curious what the improvement in security is there. It could be
> left over from the era when the public sites might not be using https,
> or it could have a larger benefit that just isn't clear to me yet.
>
> --
>
>
> THOMAS BOUTELL, DEV & OPS
> P'UNK AVENUE | (215) 755-1330 | punkave.com
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming. The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media, is
> your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a
> look and join the conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Cosign-discuss mailing list
> Cosign-discuss@lists.sourceforge.net <javascript:;>
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
