Subject: A better approach to security
List archive
Re: Cacert geolocalization using Google map services
- From: Ian G <iang AT cacert.org>
- To: cacert AT lists.cacert.org
- Cc: Mario Lipinski <mario AT cacert.org>, Dominik George <dominik.george AT cacert.org>
- Subject: Re: Cacert geolocalization using Google map services
- Date: Mon, 06 Sep 2010 14:35:42 +1000
On 6/09/10 1:34 PM, Mario Lipinski wrote:
Hi,
Am 25.05.2010 02:38, schrieb Ian G:
And, it is a BirdShack decision to not provide geoloc in any future
rewrite of the code.
Imho this applies to the business logic. For the website this should be
discussed again. But will the website be critical?
Hmm, ok. I am guessing the website will at least be sensitive because the BL has to take its word that it is authenticating the user.
Well, ok, that assumes client cert access, which the website handles. If we stuck with passwords, then the website could prove some form of authentication across to BL.
(I was assuming that client cert would be the major access, and passwords would only be used for account recovery. But it does rather bring in a gap in authentication.)
iang
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-
Re: Cacert geolocalization using Google map services,
Mario Lipinski, 09/06/2010
- Re: Cacert geolocalization using Google map services, Ian G, 09/06/2010
Archive powered by MHonArc 2.6.24.