Re: [Bacula-users] client-side data encryption without routine access to private key

2009-02-18 13:46:05
Subject: Re: [Bacula-users] client-side data encryption without routine access to private key
From: Landon Fuller <landonf AT bikemonkey DOT org>
To: Martin Simmons <martin AT lispworks DOT com>
Date: Wed, 18 Feb 2009 10:43:34 -0800

On Feb 18, 2009, at 3:26 AM, Martin Simmons wrote:

> On Tue, 17 Feb 2009 20:24:02 -0800, Landon Fuller said:
>
> > The private key is needed during backup if you use PKI Signatures.
> >
> > Right. Currently, enabling PKI encryption also enables signing, but
> > the encryption implementation does not require this, and the private
> > key is not necessary for encrypting the backups.
> >
> > However -- if you disable signing, there is no other validation
> > mechanism. One could add HMAC support without too much effort, but you
> > lose non-repudiation of the backups, as any recipient that can verify
> > the HMAC may also generate a valid one.
>
> Does the private key have to be the one associated with the public key?
> It looks like the code loads them separately, so perhaps another solution
> is to use two key pairs and make a pem file containing the public key of
> one and the private key of the other (assuming openssl allows that)?

Interesting -- I believe that would work. The only time the public/private keypair are associated is when decrypting the session key on restore, so a truly "asymmetric" pair (heh) should simply cause restore to fail -- and signatures could still be verified.

-landonf
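To make the arrangement discussed above concrete, here is an added shell walkthrough using the openssl CLI (it is not from the thread and not Bacula's own code, and the file names, key sizes and the key-then-cert block order in the combined PEM are assumptions): pair A's public certificate and pair B's private key are combined into one PEM, after which the holder of that file can sign data but cannot recover a session key encrypted to A, while A's offline private key can.

```shell
# Added illustration (not from the thread, not Bacula code): build the
# "asymmetric" PEM Martin suggests and check what its holder can and cannot do.
# Pair A = encryption identity; its private key stays offline with the admin.
# Pair B = signing identity; its private key lives on the backup client.
# All keys are throwaway test keys generated here; requires the openssl CLI.
set -e
WORK=$(mktemp -d)
OAEP="-pkeyopt rsa_padding_mode:oaep"

gen_pair() {   # $1 = name -> $WORK/$1.key (private) and $WORK/$1.crt (cert)
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

setup_demo() {
    gen_pair encA
    gen_pair sigB
    # Client keyfile: private half of B + public half of A (mismatched on purpose)
    cat "$WORK/sigB.key" "$WORK/encA.crt" > "$WORK/client.pem"
    # A random per-backup session key, encrypted to A's public key only
    openssl rand -out "$WORK/session.key" 32
    openssl pkeyutl -encrypt -certin -inkey "$WORK/encA.crt" $OAEP \
        -in "$WORK/session.key" -out "$WORK/session.enc"
    # The client signs backup data with the private key it actually holds (B)
    printf 'backup payload' > "$WORK/data.bin"
    openssl dgst -sha256 -sign "$WORK/client.pem" \
        -out "$WORK/data.sig" "$WORK/data.bin"
}

# Returns 0 only if the given private key recovers the session key.
can_decrypt() {   # $1 = private key file
    openssl pkeyutl -decrypt -inkey "$1" $OAEP -in "$WORK/session.enc" \
        -out "$WORK/recovered.key" 2>/dev/null \
        && cmp -s "$WORK/session.key" "$WORK/recovered.key"
}

# Returns 0 if the client's signature verifies against B's public key.
signature_verifies() {
    openssl x509 -in "$WORK/sigB.crt" -pubkey -noout > "$WORK/sigB.pub"
    openssl dgst -sha256 -verify "$WORK/sigB.pub" \
        -signature "$WORK/data.sig" "$WORK/data.bin" >/dev/null 2>&1
}

setup_demo
can_decrypt "$WORK/client.pem" && echo "client decrypted: keys were NOT asymmetric"
can_decrypt "$WORK/encA.key"   && echo "offline key A decrypts the session key"
signature_verifies             && echo "signature made by the client verifies"
```

OAEP padding is used on both sides so that a decryption attempt with the wrong private key fails outright rather than yielding garbage.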
