> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Oleg Nitz
> ...
> I don't understand how you are going to provide a reliable user
> authentication without the persistent key store at client side.
> Please explain this to me.
> If it is password based then IMHO the level of security is the same
> as now.
The reliable user authentication would happen by the security server using
any mechanism (password, smartcard, ...). As a result the security server
(which acts as a Certificate Authority) delivers a certificate (using the
generated key pair). This could then be used as a client certificate for
further communication over SSL. The app server accepts connections made by
clients with valid certificates (signed with the security server's CA
certificate).
I believe this is the scheme described by Luke, which he finds too
complicated, and I agree. I think that a scheme where SSL is used only for
confidentiality (also of contextual information) is preferable. On logon,
the security server should provide some private information that is
transmitted with every request as contextual information by the client.
Before executing a request, the server then has to check the validity of
this information (and this does not involve the client). The level of
security is then (also) determined by the way the authentication with the
security server is done and how easy it is to guess the contextual
information.
Regards,
Wim
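A minimal sketch of the second scheme Wim describes (logon yields private contextual information, the client attaches it to every request, and the app server checks it locally without involving the client), written as an added example and not code from this thread. It assumes the security server and the app server share a secret key, that the actual logon check (password, smartcard) has already succeeded, and that SSL protects the token in transit as the mail says.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Assumption: a single key shared by the security server (issuer) and the
# app server (verifier). Generated here so the example runs stand-alone.
SERVER_KEY = secrets.token_bytes(32)


def issue_context(user, ttl=300, now=None):
    """Security server side: after authenticating the user, mint the private
    contextual information. The 128-bit nonce and the 256-bit MAC are what
    make the value impractical to guess; the expiry bounds its lifetime."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user, "exp": now + ttl, "nonce": secrets.token_hex(16)}
    body = json.dumps(claims, separators=(",", ":")).encode()
    tag = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(body).decode() + "."
            + base64.urlsafe_b64encode(tag).decode())


def check_context(token, now=None):
    """App server side: validate the contextual information before executing
    a request. Returns the user name on success, None on any failure.
    Only the shared key is needed, so the client is never consulted."""
    try:
        b64_body, b64_tag = token.split(".")
        body = base64.urlsafe_b64decode(b64_body)
        tag = base64.urlsafe_b64decode(b64_tag)
    except ValueError:          # wrong shape or invalid base64
        return None
    expected = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    claims = json.loads(body)
    now = int(time.time()) if now is None else now
    if claims["exp"] <= now:    # expired logon
        return None
    return claims["sub"]


if __name__ == "__main__":
    tok = issue_context("oleg", ttl=60)
    print(check_context(tok))   # "oleg"
```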