<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: CIPE source code modifications
From: Damion Wilson <dwilson,AT,ibl,DOT,bm>
Date: Tue, 25 Mar 2003 16:11:05 +0100
In-reply-to: <003701c2f2ba$26513410$d100010a@lyta>

Well, that's where the device information is, but that doesn't prevent 
from storing its user configuration data in the application's directory or 
SSH from keeping its key information in "Documents & Settings". If you read 
my earlier posts, you'll see that I want to create the ability for users to 
store their key data anywhere they want to. The registry is the worst place 
possible (backup/recovery, protection, etc) but if you want to keep doing 
that, then that's fine, you can have a Control Panel applet that lets you. If 
someone else wants to keep their information in LDAP, then that should be 
fine, too. I, personally want to store the information in protected form on 
media of my choice, which you cannot accomplish using the registry.

Ultimately, this path (or something like it) will be necessary to prevent 
terminal forking of the project. I've noted that most of the differing 
requirements are popping up with the management tools (and not with the inner 
workings). It's better for me not to have to maintain different versions of 
cipsrvr and cipdrvr all over the place. Do you want to ?

Even though I dislike being a manager, it's up to me to try and get some kind 
of concensus on these kind of issues. The sooner we can, the sooner I can get 
to coding.


On Tuesday 25 March 2003 10:16 am, Wolfgang Ocker wrote:
> On Tue, 2003-03-25 at 11:34, Mark Smith wrote:
> > Damion wrote:
> > > Let me know what you guys think about all this. It's a major change in
> > > the operation of the cipsrvr.
> >
> > I agree it is, and in this case I can see another good reason to switch
> > away from using the registry. [...]
> I don't agree. The standard location where to store that kind of
> information (device configuration) on a Windows system is the registry,
> like it or not. The single critical part of information to hide is the
> key that can be stored encoded in the registry. A proof of concept is
> available.
> > In my experience, a good number of end users do
> > not have full access to the registry in the first place and do not have
> > Administrative access to their own systems as they are managed by an
> > external support company.  [...]
> If it is an administrative decision, a VPN connection should be set up
> by that administrators. If the user is not allowed to change the DNS
> server, why should he be allowed to set up a VPN?
> > [...] This method of control and access would
> > then make it trivially simple to setup a link, both for the first time
> > and subsequently.
> Did you try Carsten's latest version? It's pretty simple to set up now.
> Or do you mean pretty simple with respect to implementation?
> > I also strongly recommend that access to your control protocol is limited
> > by ACL to enhance the overall security.  This may seem to defeat my above
> > statement, but it is the usual method of security under Win32 that
> > corresponds to user permissions under Linux and would control who could
> > control the link information.  Also, the file containing the link
> > information, be it plain text or not, could easily be stored on an NTFS
> > drive with a restricted ACL to prevent just anyone from reading it, just
> > like CIPE under Linux.
> We should not make the things more complicated as necessary. The only
> information that must be protected is the key, and this is done best by
> encrypting with a passphrase (if you don't want to have some additional
> hardware). I see CIPE/windows being used on client machines, primarily
> on laptops (with Linux peers, operated as server or gateways). So it is
> possible that a user can enter a password when connecting for the first
> time during a session. If the user cannot remember the passphrase, he
> can save it in a file protected with an ACL :).
> > I wanted to say something about version control, and multiple people
> > working on the system while it's still in pre-release, but I can't seem
> > to find a way to say 'play nice' that doesn't sound (or could be taken
> > as) unfriendly. I think it's fair to say that it's a brilliant concept
> > that lots of people find useful, and in some circumstances, essential. 
> > [...]
> Very good point. I also would like to see CIPE/Windows on Sourceforge's
> CVS. Damion?
> > So take care all, and stay happy.
> >
> :)
> Wolfgang

<< | Thread Index | >> ]    [ << | Date Index | >> ]