NTS: config and initialization
Hal Murray
hmurray at megapathdsl.net
Fri Mar 8 05:18:28 UTC 2019
Gary said:
> Why do you need a cookie file? I would think those should never be stored.
> Ever.
The cookies are sent from client to server in the clear.
It's the "cookie key" file, not a cookie file. Do you have suggestions for a
better name?
It holds the K/I used to decode cookies -- but those are cookies stored on
other clients.
The cookies that a client has are for use with other servers. The client's
K/I won't work with them, and the client may not even have a K/I.
------
> How does it know which of the myriad locations that the CA and intermediate
> certs can be installed in to use?
System defaults unless you specify a file or directory using "nts ca <file|dir>
".
I'm assuming that the system defaults will cover 99+% of the normal cases. I
don't have to do anything special for my browser to work. Yes, it has a GUI
to handle strange cases. I rarely use it.
Yes, you will have to do something special for self signed certificates. Same
for pinning. You can either install them in the system default directory or
cat them together into a file.
The API has separate calls to set the file and directory. It searches the
file first. I'm assuming that the system uses directory mode so we can use
the file. It may get more complicated than that, but I'm pretty sure we can
work something out.
--
These are my opinions. I hate spam.
More information about the devel
mailing list