[pubcookie-dev] Why is the Public Key used?
ct-nebergall at wiu.edu
Sat Feb 7 22:27:29 PST 2004
I'm new to your project and have been reading through your docs. The
following excerpt from your How it works page.
>The "granting coookie" is protected from tampering by being signed using
the private key of the login server, and protected from disclosure >by being
encrypted using the symmetric key shared by the application server and the
Since it sounds like the symmetric key is only known by the application
server and the login server, what purpose does the public key signing serve?
Since the cookie was encrypted with a symmetric key which is only known by 2
parties isn't that sufficient to ensure that the other party must have
created it? How else is that cookie used that it becomes important that the
application server can't alter it? I'm not trying to be critical I just
don't yet understand your whole security architecture, and I'm interested in
why you choose certain design decisions.
More information about the pubcookie-dev