diff options
author | bnewbold <bnewbold@robocracy.org> | 2012-07-19 23:00:07 -0400 |
---|---|---|
committer | bnewbold <bnewbold@robocracy.org> | 2012-07-19 23:00:07 -0400 |
commit | 119827fd4567cd51f450dda37c3ef9600ed62979 (patch) | |
tree | d2105e4bdc21f77faa2f10879268a31d3124eba5 /security.page | |
parent | 37d7e79cfc4bfd1617de7423c73ff3cd43ee20d6 (diff) | |
download | rooter_wiki-119827fd4567cd51f450dda37c3ef9600ed62979.tar.gz rooter_wiki-119827fd4567cd51f450dda37c3ef9600ed62979.zip |
backup
Diffstat (limited to 'security.page')
-rw-r--r-- | security.page | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/security.page b/security.page index dea8a2e..81bed52 100644 --- a/security.page +++ b/security.page @@ -13,3 +13,11 @@ XSS attack to back out geo location of router: <http://samy.pl/mapxss/> [Tripphrases](http://worrydream.com/tripphrase/) plan9 security: [Factotum](http://doc.cat-v.org/plan_9/4th_edition/papers/auth) + +Users should probably have a single "root" GPG key for every distinct +identity/persona that they present to the external world, and then generate +subkeys for use with each host/device and external service. This allows more +fine grained control over revokation and access control (eg, if a device is +lost then suspend/revoke that key). An API or tools to help distribute +certificates, signing information, and revokations would be helpful. + |