[TYPO3-dev] Services architecture
Helmut Hummel
helmut.hummel at typo3.org
Sat Mar 26 14:08:14 CET 2011
Hi!
On 26.03.11 13:42, Marcus Krause wrote:
> Reading the sentences above, I believe it's not saltedpasswords' task to
> make decrypted credentials available to the rest of the authentication
> service chain.
>
> I believe we need to have a service that provides secure data transfer
> (RSA) and then trigger the authentication service chain with decrypted
> credentials.
That's exactly what I also had in mind.
Official statement:
If anyone is willing to implement a "rsatransfer" service, which does
not do authentication, but only provides decrypted crendentials to the
service chain, then go on and do it.
Would be a nice cleanup for 4.6.
Kind regards,
Helmut
--
Helmut Hummel
TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-dev
mailing list