Since the network is (as I understand it) physically secure
against wiretapping, how about using plain http with http auth?
Or are you trying to protect against TCP connection hijacks by
other computers/processes on the "secure" network?
On 04/12/2015 00:35, Ron Croonenberg wrote:
The network is isolated from the outside worl, BUT we still need
authentication because different users are using it.
So what I preferably want is sort of a set up where,
authentication is done the "standard way" and after that just use the
https connection without the overhead of actually encrypting anything.
(and the lesss modifications and recompiling the better)
thanks,
Ron
On 12/03/2015 02:50 PM, Richard Moore wrote:
On 2 December 2015 at 17:53, Ron Croonenberg <r...@lanl.gov
<mailto:r...@lanl.gov>> wrote:
So the idea is to use an object store on an isolated network and
push and get objects out of it using https.
âIf network is fully isolated you could use plain text. Using 'https'
and null encryption is basically just pretending to do security.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
