> note that if the XS is acting as a proxy the cache issue can be > addressed. The XS can get a copy of the XO client cert at > registration time, and with it can decrypt the HTTPS traffic and > cache the unencrypted version. this is a lot of cpu, but it's on the > XS not the XO, so it shouldn't be as bad (and there are hardware SSL > encryption cards available that can be put in an XS for high-volume > situations)
I'm not a security wizard, but I get uncomfortable when anybody suggests giving out copies of keys, certs, or passwords. Is this an acceptable case? Why? How would you explain the subtlies to a kid? How many adults give their passwords to phishers? -- These are my opinions, not necessarily my employer's. I hate spam. _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel