Difference between revisions of "JGridstart/Notes"

From PDP/Grid Wiki
Jump to navigationJump to search
(add TODO item)
Line 15: Line 15:
 
* password management: try again when password fails, stop after a couple of times
 
* password management: try again when password fails, stop after a couple of times
 
* password management: show how many passwords remembered and add action to forget
 
* password management: show how many passwords remembered and add action to forget
 +
* warn properly when unsupported password on single PKCS#12 entries are found

Revision as of 14:44, 6 April 2009

some notes on User:Wvengen@nikhef.nl/JGridStart

  • Private key (&passphrase)
    • keep in memory with timeout when appropriate
    • make sure it doesn't hit swap, if possible -- MEM06-C
    • MSC31-J never hardcode sensitive information
    • make sure it's not serializable
    • Securing Java, part 1, 2 and 3.
  • Human Interface Guidelines


TODO

  • password management: try again when password fails, stop after a couple of times
  • password management: show how many passwords remembered and add action to forget
  • warn properly when unsupported password on single PKCS#12 entries are found