Child pages
  • Encryption
Skip to end of metadata
Go to start of metadata

To prevent anybody from eavesdropping on the bit repository data and messages exchanged, all communication is encrypted. Two levels of PKI are used.

Implemented in BITMAG-198@jira

Encrypting the communication between pillars/clients and the coordinating layer

All communication between pillars/clients and the coordinating layer may be encrypted using SSL. The certificates used in the communication between pillars/clients and coordinating layer must be trusted by the participants, and a mechanism for distributing (public) certificates is needed. A recipe for setting up Activemq pki can be found at http://activemq.apache.org/how-do-i-use-ssl.html

Additional information can be found here:

http://timbish.blogspot.com/2010/04/ussing-ssl-in-nmsactivemq.html

Signing and optionally encrypting messages and data transfers

To ensure the authenticity of exchanged messages, they may be signed and optionally encrypted for confidentiality. Data transfers may be encrypted as well, using HTTPS. The certificates used for signing og encrypting data and messages are issued by the parties involved. - possibly assisted by the coordinating body.

[Unresolved] Distribution of certificates

  • No labels