[LON-CAPA-admin] SSL lonc/d for 1.2 heads-up

[lucasm at ohiou.edu]

Hi,

Quick question from one of us who needs a primer on SSL.

Will this signed key depend on interaction with anyone besides MSU?

I'm presuming that if I do an upgrade or make any changes that would 
change my key that I would simply contact MSU, get the key signed, and 
then install the key locally. 

I'm presuming that this would not need to be distributed to everyone 
else in the cluster.

Is this correct?

Lastly, does the process require any third connection when negotiating 
lonc/lond? For example, if I'm trying to renegotiate my connection with
bsu, do the servers have to get any information from msu?

Thanks!
Mark

On Wed, 9 Jun 2004, Guy Albertelli II wrote:

> Hi All,
> 
> For 1.2 we will be making the lonc/d conenctions go through an SSL
> challenge response phase to increase the security of the connections.
> 
> This will require everyone to with a Lon-CAPA server connected to the
> production cluster to have to contact us and get a key signed to start
> using this new higher security connection mechanism.
> 
> For the 1.2 release the old method of connecting will work by default
> (but you will be able to switch it to SSL if you want to.)
> 
> For the next release after 1.2 it will switch to turn it on by default
> and servers that haven't updated to 1.2 or 1.3 will no longer be able
> to talk to the production cluster if they haven't gotten a key signed
> from us.
> 
> -- 
> guy at albertelli.com  LON-CAPA Developer  0-7-4-3-
> 
> 
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
> 

----------------------------------------------------------------------------
Mark Lucas					email: lucasm at ohiou.edu
252D Clippinger Lab  				phone: (740)597-2984
Department of Physics and Astronomy             fax:   (740)593-0433
Ohio University
Athens, OH 45701