On Mon, Feb 20, 2006, David Turnbull wrote: > I didn't see any mention of having the keys expire by date (and upon > use). Unused keys may get left in logs or mail folders so you can > mitigate some risk here. More importantly, if an unexpired key is > pending use and another is requested you should send the same key > again so you don't risk confusing the user with keys that don't work.
We haven't gone into that much detail yet, which is likely why you haven't seen any discussion on that topic :) > Also, instead of locking down the recovery mechanism why not use > something external? Refusing to email a key for a privileged account > requires another admin to generate the hash and send it via a trusted > mechanism. What do you mean by "something external?" There are no privileged accounts :) I think we're losing sight of what we're talking about here... this application is nothing more than a place for PDX.rb members to post blurbs about themselves and post new events/RSVP for existing ones. It's not like we're talking about a banking system. It's just a little app that has no security implications. We don't need to build Fort Knox :) Ben _______________________________________________ PDXRuby mailing list [email protected] IRC: #pdx.rb on irc.freenode.net http://lists.pdxruby.org/mailman/listinfo/pdxruby
