[Clockwork-developers] More on SSL
Status: Planning
Brought to you by:
jlouder
Menu
▾
▴
[Clockwork-developers] More on SSL
|
From: Joel L. <jo...@lo...> - 2003-02-22 23:41:35
|
It's been a while, and I've played a bit more with Java's SSL support, and I'm now convinced that SSL is the way to go for the client-to-server communication. Interestingly enough, this week a vulnerability was found in SSL when used in certain scenarios. But it doesn't look like it would impact Clockwork, because it requires: * The cipher must be used in CBC mode. The "best" cipher Java has available for SSL is RC4, which isn't vulnerable to this attack because it's a stream cipher. * The protocol on top of SSL needs to have a fixed "password" at a certain spot. As far as I can tell, Clockwork's protocol won't have this, because there's no password to send. The attack works on things like IMAP, where the connection always opens with "LOGIN username password" or something like that. * The SSL implementation must "leak" error information by treating padding errors and decryption errors differently. I'm sure that by the time we're ready to release any files, Sun will have a patch for this (if their implementation contains this flaw). At first glance, SSL seems painful for Clockwork users to use, since each node needs to have a private key, and must have the public key of all the entities that will communicate with it. But I think this could be done rather simply with just two key pairs: (1) A server key pair (2) A client key pair Each server would have the server private key, and the client public key. Likewise, each client would have the client private key and the server public key. Sharing them makes things operationally more simple for the user, but it increases the risk if a private key is compromised. So we'll build in a way for the administrator to easily add keys to the "keyring" of the client and the server, to make transitioning to a new client key pair (or server key pair) easy, without taking down the scheduler. This would also make it possible for the administrator to use multiple client keys or server keys if he chooses. Now that I've beat security to death, I've got some ideas on other topics. But I'll send those in a separate mail. -- Joel |
