[Swan] UPDATE Re: Authentication with pam_url and nonces

Mirsad Goran Todorovac mirsad.todorovac at alu.unizg.hr
Tue Feb 8 01:05:22 EET 2022

On the other hand, good crypto is not just based on obscurity, so if it 
is open source as it is, it must also be
bad governments proof and NSA-proof ... I can't guarantee that at the 
present moment.

I will look into mTLS tomorrow, I need some good night sleep over the 
whole thing.


On 2/7/2022 7:51 PM, Paul Wouters wrote:
> If you feel the pam TLS calls needs more than server side cert verification, you should look into client authentication, eg mTLS. Don’t invent your own crypto.
> Paul

Mirsad Goran Todorovac
CARNet sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
CARNet system engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355

More information about the Swan mailing list