Hi Hartmut, Am Dienstag, den 19.01.2010, 22:38 +0100 schrieb Hartmut Goebel: > since we did not agree on the aims and implementation for Secure > Communication, I'll start an new effort on getting the agreement. > The sole aim of Secure Communication is: > * prevent eavesdropping <http://en.wikipedia.org/wiki/Eavesdropping> > To prevent eavesdropping, two things have to be ensured: > 1) Ensure nobody else is able to "listen" > 2) Ensure we are talking to the *right* person/server > Otherwise we could talk to the eavesdropper without knowing it. So > there would be nobody else listening, but we where simply talking to > the wrong person/server. > Do we all agree on this?
Yes, IMHO both aspects are absolutely needed for a serious multi-user and multi-company enterprise deployment. But the question for me is, if it is needed to be done in Tryton self? Is there no more flexible way to do it on the OS communication layer instead of the application layer, like ssh-tunneling, VPN, Apache? I am not a security expert, so I thank in advance for more illumination. Cheers Udo -- [email protected] mailing list
