Since the network is (as I understand it) physically secure against wiretapping, how about using plain http with http auth? Or are you trying to protect against TCP connection hijacks by other computers/processes on the "secure" network? On 04/12/2015 00:35, Ron Croonenberg wrote: > The network is isolated from the outside worl, BUT we still need > authentication because different users are using it. > > So what I preferably want is sort of a set up where, > > authentication is done the "standard way" and after that just use the > https connection without the overhead of actually encrypting anything. > (and the lesss modifications and recompiling the better) > > thanks, > > Ron > > > On 12/03/2015 02:50 PM, Richard Moore wrote: >> >> >> On 2 December 2015 at 17:53, Ron Croonenberg <ronc at lanl.gov >> <mailto:ronc at lanl.gov>> wrote: >> >> So the idea is to use an object store on an isolated network and >> push and get objects out of it using https. >> >> >> ???If network is fully isolated you could use plain text. Using 'https' >> and null encryption is basically just pretending to do security. >> Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded
