[EMAIL PROTECTED] wrote on 05/14/2008 12:29:44 PM: > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > > Behalf Of David Harrington > > Sent: Wednesday, May 14, 2008 2:07 PM > > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > > Cc: [email protected] > > Subject: Re: [Syslog] syslog/tls policies and use cases > > > > Hi, > > > > So I go buy a Linksys or Netgear router or other consumer gear. > > I slip the CD into the drive and run software to install the > > management GUI on my PC. > > That software is used to perform an initial configuration of the > > device, such as enabling DHCP, setting WEP keys, and so on. > > This same software can presumably generate a key and "copy the > > fingerprint" to the device, right? > > Clueless operator needs not be involved. The Internet is secure. > > > > right? > > Mostly ;) What the clueless user still needs to do is > > 1) copy the server's fingerprint to the client > 2) configure the server to accept the client's fingerprint >
Another minor correction. The dumb gear sends its certificate to the server, and gets its certificate from the server. (I would suggest by a reasonably secure means, such as https.) You then use the fingerprints to make sure that the right certificates were copied. R Horn > Rainer > > > > David Harrington > > [EMAIL PROTECTED] > > [EMAIL PROTECTED] > > [EMAIL PROTECTED] > > > > > > > > _______________________________________________ > > Syslog mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/syslog > _______________________________________________ > Syslog mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/syslog _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
