From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: From: presotto@plan9.bell-labs.com To: 9fans@cse.psu.edu Subject: Re: [9fans] possible way to have the secstore on the cpu server MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-jhfsrrdrdfyskqzljabvkkliha" Date: Sat, 15 Jun 2002 11:34:38 -0400 Topicbox-Message-UUID: ae36f9da-eaca-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-jhfsrrdrdfyskqzljabvkkliha Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Also, I'm confused. Factotum already did read the nvram key, we rely on it here for exactly what you use if for. What did you have to add? --upas-jhfsrrdrdfyskqzljabvkkliha Content-Type: message/rfc822 Content-Disposition: inline Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Sat Jun 15 10:06:16 EDT 2002 Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Sat Jun 15 10:06:15 EDT 2002 Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.4.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 0B21E199B7; Sat, 15 Jun 2002 10:06:09 -0400 (EDT) Delivered-To: 9fans@cse.psu.edu Received: from 9fs.org (cotswold.demon.co.uk [194.222.75.186]) by mail.cse.psu.edu (CSE Mail Server) with SMTP id D215C199B7 for <9fans@cse.psu.edu>; Sat, 15 Jun 2002 10:05:04 -0400 (EDT) Message-ID: <0538a1a8b42ab0f0bb459fc5e0ed97a9@9fs.org> From: nigel@9fs.org To: 9fans@cse.psu.edu Subject: Re: [9fans] possible way to have the secstore on the cpu server MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.11 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Sat, 15 Jun 2002 15:02:51 +0100 Good points all. Presotto had said a dictionary attack was possible if the service ran on the cpu server and I can't see it. Anyhow I've implemented it all, and perhaps will drop it all in the wiki at some point. One addition is a mod to secstore so it reads the nvram key rather than prompting for one. This allows cpurc to load the cpu servers's factotum with extra keys like the SSL ones. Secstore is cool; it takes my mind off the awful VGA support. --upas-jhfsrrdrdfyskqzljabvkkliha--