Skip to Content.
Sympa Menu

cacert-devel - Re: the 2 checks rule and the 1 point rule [1-3,5][patch]

Subject: CAcert Code Development list.

List archive

Re: the 2 checks rule and the 1 point rule [1-3,5][patch]


Chronological Thread 
  • From: Michael Tänzer <taenzermichi AT googlemail.com>
  • To: cacert-devel AT lists.cacert.org
  • Subject: Re: the 2 checks rule and the 1 point rule [1-3,5][patch]
  • Date: Wed, 30 Sep 2009 19:37:38 +0200
  • Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT googlemail.com; dkim-asp=none
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:openpgp:content-type; b=U/WrRvFubGdfn+j+ta4aJXSkckFYK1iMs7BEz7fWKOdv/nJQJ/63N7fw/v4tehDysh wb2uWzAxUnHDsr+9xik/8U1od8UtWTDZaH4XA7URKVmL0xWvo/LAXOpuTgsGjYZePHYN fBsghLphd5iXJ2COmj02MXjrwjHV2ifoiqU2c=
  • Openpgp: id=9940BEF1
Markus Warg schrieb:
>> In some sense we need to initiate the check.  So the user has to go to
>> the online system, log in, and then hit the button that says "I want
>> check X for domain Y"  At that point, the system generates the token,
>> stores it, and tell the user what it is.
>>
>> Right?
> 
> For DNS, WEB, WHOIS check we need to tell the user (because he has to
> put the code into an location where CACert can check). For mail ping we
> must not tell the user, because we want to check if he is the guy who
> got the mail.
> Thats why I would appreciate two different hashes (one per method,
> method 1=mail, method 2=web,dns,whois).

So generate a random number for the domain and store it in the database
then calculate sha1(random + methodID) should do the trick shouldn't it?
That way we only need to store one number and are able to email the user
hash1 tell him to put hash2 in the dns etc. and the user can choose what
he wants to do.

Cheers
Michael

Attachment: signature.asc
Description: OpenPGP digital signature


Archive powered by MHonArc 2.6.16.

Top of Page