[Gajim-devel] Re : Re : PKCS12 with password
nmset at yahoo.com
Mon Jul 25 20:16:25 CEST 2011
>>> import OpenSSL.crypto
Traceback (most recent call
File "<stdin>", line 1, in
OpenSSL.crypto.Error: [('PKCS12 routines', 'PKCS12_parse', 'mac verify
<PKCS12 object at 0x7f33978ffb90>
Well it's really because the PKCS12 container is encrypted. If I remove the
password from the same p12 file, I can authenticate successfully.
I don't know at all if it's a huge task but it would complete the effectiveness
of the whole security approach.
Much emphasis has been laid out with MITM attacks in diverse fields of
electronic cummunication. It's a real threat, but it's more likely that userA
steals userB unencrypted credentials in a desktop session that is supposed to be
used by many users and do whatever evil afterwards, pretending to be userB.
userA will most probably lack required skills to sniff the network, intercept
userB's communications, decrypt, alter and re-encrypt the content which he then
forwards to userC.
(I am well aware that super hackers, national security agencies can do
unthinkable piracy acts for whatever reason, but that's not the point here).
Have a nice day !
----- Message d'origine ----
De : Yann Leboulanger <asterix at lagaule.org>
À : Saleem Edah-Tally <nmset at yahoo.com>
Cc : gajim-devel at gajim.org
Envoyé le : Lun 25 juillet 2011, 17h 06min 35s
Objet : Re: Re : [Gajim-devel] PKCS12 with password
More information about the Gajim-devel