Are we interested in client certificates?

Gary E. Miller gem at rellim.com
Mon Feb 18 22:20:45 UTC 2019


Yo Project Manager via devel!

On Thu, 14 Feb 2019 20:54:06 -0800
"Mark Atwood, Project Manager via devel" <devel at ntpsec.org> wrote:

> How hard would it be to implement, and what does it buy us?


My WAG is under 100 lines of code to implement.  The client needs to
send his client cert, and the server needs to check it.  But that is
mostly just opening a few more files and a few more OpenSSL calls.

Paranoid people like client certs as a 2nd factor for authentication.

I would not bother until most everything else is done and someone
says they want it.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190218/1accad0b/attachment.bin>


More information about the devel mailing list