A secure user

Michael Sweet mike at easysw.com
Thu Apr 20 08:31:40 PDT 2006


Jim Hranicky wrote:
>> Hmm, so you are looking to implement a "signing authority" kind of
>> setup, where the client certificate validates the user info that
>> has been passed by a trusted cupsd (or other) client.
> 
> Exactly.
> 
>> This is certainly possible and an interesting option, but you will
>> still need to hack the client library or seriously hack the IPP
>> backend to get the certificate and user info passed in the request.
>> The amount of work will be pretty much the same - the only difference
>> is whether the server treats certificates as user- or system-
>> specific...
> 
> The only cert that needs to be passed is the local cupsd cert,
> the signing authority cert. I think all I need to do is add
> support for a URI of the type:
> 
>     https://cups.x.com/printers/lp1?cert=/path/to/signauth-cert.pem
> 
> User certs shouldn't be required.

But the addition of the cert parameter will require an addition to
the HTTP API in the client library so that http_setup_ssl() will
use it when negotiating the secure link.  *Or* you can duplicate
all of the SSL code in the IPP backend... ;)

>>> I don't see why this couldn't be added now as a stopgap measure
>>> until certs are fully supported. Even if certs are fully supported,
>>> I don't relish the idea of issuing one for all my users :->
>> This can be automated a bit, just like with SSH, and then the
>> server can authenticate the client normally the first time to
>> collect the client's certificate and user association.
> 
> Possibly, though I think limiting the certs to just a signing
> authority cert cuts down on the amount of code needed.

A tiny bit, maybe, but you'll need the same sort of certificate
management code in the scheduler, regardless.

-- 
______________________________________________________________________
Michael Sweet, Easy Software Products           mike at easysw dot com
Internet Printing and Document Software          http://www.easysw.com
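
The backend-side half of the cert= device URI option discussed above, as an added example (not CUPS code and not from either poster): pull the path out of the URI and refuse files that another local user could swap out, before anything is handed to the TLS setup. The helper names get_cert_option() and cert_file_ok() are hypothetical, the option value is assumed not to be percent-encoded, and http_setup_ssl() itself is not touched.

```c
/* Added illustration, not CUPS code; both helpers are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Copy the value of the "cert" option of a device URI into out.
 * Returns 0 on success; -1 if the option is absent, empty, too long,
 * not an absolute path, or contains a ".." path component. */
int get_cert_option(const char *uri, char *out, size_t outlen)
{
    const char *p = strchr(uri, '?');
    while (p != NULL) {
        p++;                                  /* skip '?' or '&' */
        if (strncmp(p, "cert=", 5) == 0) {
            const char *val = p + 5;
            size_t len = strcspn(val, "&");   /* value ends at next option */
            if (len == 0 || len >= outlen || val[0] != '/')
                return -1;
            memcpy(out, val, len);
            out[len] = '\0';
            for (const char *s = out; (s = strstr(s, "..")) != NULL; s += 2)
                if (s[-1] == '/' && (s[2] == '/' || s[2] == '\0'))
                    return -1;                /* "/../" or trailing "/.." */
            return 0;
        }
        p = strchr(p, '&');
    }
    return -1;
}

/* Return 1 only for an existing regular file (symlinks are rejected
 * by lstat) that is not writable by group or others. */
int cert_file_ok(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0 || !S_ISREG(st.st_mode))
        return 0;
    return (st.st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

int main(void)
{
    char path[256];
    /* URI form taken from the message above */
    const char *uri = "https://cups.x.com/printers/lp1?cert=/path/to/signauth-cert.pem";
    if (get_cert_option(uri, path, sizeof(path)) == 0)
        printf("cert=%s usable=%d\n", path, cert_file_ok(path));
    return 0;
}
```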



