[gPXE-devel] Proposal - https certcheck in first step only ssh style

Carsten Krüger C.Krueger at gmx.org
Fri Apr 30 06:00:57 EDT 2010


Hello,

I've a proposal for https certcheck in gPXE.
Instead of a full blown certficiate check a simple hash check like in SSH could
be introduced.
At first connection (or burned in) the hash of the certificate could
to stored and compared every time later.
This should be much easier to do and would increase security the same
amount than a full check. It's only uncomfortable.

greetings
Carsten



More information about the gPXE-devel mailing list