Juno Design Summit has ended
Back To Schedule
Friday, May 16 • 4:00pm - 4:40pm
PKI for messaging

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Keystone Tokens make use of PKI and the Crytpo Messaging Syntax to sign tokens. If the same mechanism were available in Osl Messaging, writers to a topic could be unmistakably identified, defending against several forms of attacks. The most pressing would be a Hypervisor compromise where malicious data could then be posted to the Schedulers.

In order to use PKI efficiently, each signed message needs to identify which certificate was used to sign it. While the certificate could be embedded in the message itself, that will greatly increase message traffic. Instead, the Messaging infrastructure needs a central registry for Certificate publication. Fetching a certificate from a registry provides no lessening of cryptographic certainty over the message signer's identity, and provides a huge scalability benefit.

(Session proposed by Adam Young)

Friday May 16, 2014 4:00pm - 4:40pm EDT

Attendees (0)