[prev in list] [next in list] [prev in thread] [next in thread]
List: gnome-components
Subject: Re: Why all the open ports?
From: Michael Rumpf <michael () rumpfonline ! de>
Date: 2000-07-26 21:19:18
[Download RAW message or body]
Hi !
Just in case you don't know, I have a link on http://rumpfonline.de/orbit to the SSL \
version of ORBit. This could maybe serve as a starting point. There is also some info \
about the Security Service....
Michael
Per Kristian Gjermshus wrote:
>
> * Maciej Stachowiak
> > Derek Simkowiak <dereks@kd-dev.com> writes:
> >
> > > Another Gnome security concern not yet addressed (except above :)
> > > is the encryption of Gnome's CORBA communications. Personally, I think
> > > that encryption should be left to the VPN and that ORBit's network traffic
> > > should be clear. Leave encryption to the encryption experts, the makers
> > > of SSH, vpnd, PPTP, and IPv6.
> > >
> >
> > One of the best-established security principles is that security must
> > be end-to-end to be truly effective. A VPN or IPsec can keep your data
> > secure from outsiders but does nothing to protect you from threats
> > inside your VPN.
>
> I couldn't agree more. True end-to-end security is in my opinion "The
> Only Right Solution" in the long term. It is also the hardest solution
> to implement.
>
> There is a CORBA security service. I have only browsed the spec, but
> it might be worth looking into. From what I can remember the CORBA
> security service could for example utilize Kerberos for authentication
> and encryption services.
>
> If the end-to-end security approach were used it would be possible to
> authenticate access to CORBA objects on a per user basis. I could for
> example access objects running on my home machine from work without
> worrying too much about security issues.
>
> But I am probably just dreaming.
>
> Per Kristian
>
> _______________________________________________
> gnome-components-list mailing list
> gnome-components-list@gnome.org
> http://mail.gnome.org/mailman/listinfo/gnome-components-list
_______________________________________________
gnome-components-list mailing list
gnome-components-list@gnome.org
http://mail.gnome.org/mailman/listinfo/gnome-components-list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic