On 24 March 2013, at 01:22, Polytropon <free...@edvax.de> wrote:

> Wouldn't there be a possibility to combine key _and_ password?
> The key shouldn't have to be removed, but it should only work
> with a password (which again is kept individual to each user).
> The process has to be made "more uncomfortable" to be secure,
> i. e., the password should _not_ be stored, instead it _has_
> to be entered every time the secure connection is to be used.
> If a different user gets his hands on a running session (in
> terms of user-separation or profiles on a particular machine),
> he won't be able to do anything with mail as he does not know
> the password, and the password will not be automatically
> provided for the sake of being "less complicated".
> I don't know your particular end user machine settings, so this
> is just a broad suggestion. Many things in this idea depend on
> what software the client systems use, and how this software
> actually deals with security-related settings and procedures.

The p12 format certificate includes the key and both are encrypted.  This seems 
like the best distribution format.  From what I have read most browsers can 
handle this distribution format since it is used in smart cards.  However, on 
Safari, at least, when you import the certificate you have to enter the 
encryption key for the certificate and key.  Then those are stored in the 
keychain (without any additional reference to that encryption key).  They then 
can be used by anyone on that machine.  It kind of defeats all the effort for 
security up to that point.

DoD addresses this issue by somehow making the certificate not be imported into 
the keychain, but retained on the smart card only.  Pulling the card from the 
reader eliminates any future use of it.  That's what I would like to achieve.

-- Doug
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
