basid-irk
basid-irk
AFAIK any algorithm operate on key pair, must not "derive OK from SK" - key pair generated as whole. Knowlege only one key from pair doesn't permit "recover" another key...
But, any way - "host identification" fully unrelated to crypto. Out of scope.
Yes, **may** included. But "proof of ownership" based on ability destroy (forget/wipe) one part of ephemeral key pair.
Scenaries of key compromise are part of "threat model". Key leak does not affect on key/algorithm strength. "Quality" of "secure storage" fully out of scope this FR or use concrete...
If YOU think it's risky - simple not use ExtAuth.
ExtAuth is about trusted relation between servers. Trusted server may use mapping for (some) client on external connection without knowlege client's secret's ExtAuth must not store client's secret's anywhere. If...
on external server may: 1. send client secret's to another server and destroy client's security; 2. setup trusted relations with another server and use mapping. ExtAuth must use second approach....
``` > ver & zstd -V & zstd -b1e19 | sort /+2 Microsoft Windows [Version 6.1.7601] *** Zstandard CLI (64-bit) v1.5.5, by Yann Collet *** 16#Synthetic 50% : 10000000 ->...
In embedded mode mon$server_pid/mon$remote_pid are the same.
embedded connection: ``` > "50/isql" -q -z -ch WIN1251 ISQL Version: WI-V5.0.3.1683 Firebird 5.0 SQL> set auto;set count;set time;set stats;set list; SQL> connect 'security.db' user sysdba; Server version: WI-V5.0.3.1683 Firebird...