Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, May 16 • 4:00pm - 4:40pm
PKI for messaging

Sign up or log in to save this to your schedule and see who's attending!

Keystone Tokens make use of PKI and the Crytpo Messaging Syntax to sign tokens. If the same mechanism were available in Osl Messaging, writers to a topic could be unmistakably identified, defending against several forms of attacks. The most pressing would be a Hypervisor compromise where malicious data could then be posted to the Schedulers.

In order to use PKI efficiently, each signed message needs to identify which certificate was used to sign it. While the certificate could be embedded in the message itself, that will greatly increase message traffic. Instead, the Messaging infrastructure needs a central registry for Certificate publication. Fetching a certificate from a registry provides no lessening of cryptographic certainty over the message signer's identity, and provides a huge scalability benefit.


(Session proposed by Adam Young)


Friday May 16, 2014 4:00pm - 4:40pm
B306

Attendees (36)