Announcement

Collapse

Maintenance

The forum could be offline for 30-60 minutes in the very near future for maintenance (said 3pm Pacific). I was behind on getting this notice. I do apologize.
See more
See less

Still looking for any PKI server info for PB 3.5

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Still looking for any PKI server info for PB 3.5

    Two-odd years ago I posted a question as to whether anyone was working
    on a PKI Server try in PowerBASIC. At that time I got one reply
    suggesting that I look at a WINDOWS interface toward things like
    this.

    I'm still interested to know if anyone is working at this at a core
    level less than a WIN implemenation of anything like this.

    Any help?

    Thanks ..

    ------------------
    Mike Luther
    [email protected]
    Mike Luther
    [email protected]

  • #2
    Mike, can you briefly explain what a PKI server is please? Thanks!


    ------------------
    Lance
    PowerBASIC Support
    mailto:[email protected][email protected]</A>
    Lance
    mailto:[email protected]

    Comment


    • #3
      Thanks Lance. It has taken me some time to think about how to answer
      such a simple question! As best I can, here it is...

      PKI, as I know it, means Public Key Infrastructure.

      A Public Key Infrastructure Service Provider is a source for providing the
      transfer of information via telecommunications on a secured basis which
      depends on encrypting the data and decrypting it with Public Keys.

      A PKI Server is a PKI information source which, no matter how it communicates
      with the outside world, has its own authentication key service built in and
      can encrypt and decrypt communicated data with the outside world to its own
      specifications, even server to server. It is, essentially a means of working
      with Self-Authentication on internal closed networks with internal rules.

      Self-authentication, typically, is currently directed, as best I can tell,
      toward WEB hosted such things as in the APACHE SSL or SSLEAF arena which
      is a public domain encrytion system. It allows one to set up one's own
      authentication server. You can generate your owns keys with open source freeware
      in a UNIX (##IX) based environment. It is also, of note, available as
      compiled for OS/2 as well.

      However, what I want is *NOT* a WEB based creature, but a discrete "server"
      which may have nothing to do with the WEB at all. However it communicates, be
      it TCP/IP over a private network, TELNET or whatever, isn't the issue here. I
      want to combine SSL technology into plain PB for DOS source to start with.
      The functions of generating the keys, distributing them and using them to
      encrypt and decrypt file data moving between machines, no matter how it moves,
      is what is of interest to me.

      I have PB source coded independent boxen which are headed toward embedded
      system work. Each box is it's own server, of sorts. Each box may, but does
      not have to communicate with any other box to do it's work. In a serious
      pre-emptive multi-tasking operating system world, I can even have servers
      inside a given single box serving clients all within the same embedded systems
      world box even with PB 3.5 for DOS and it works WONDERFULLY well! They don't
      need PKI techniques.

      But when this embedded box talks to another one like it or another system
      elsewhere, I need for every one of them to have authentication service. As
      far as most thinking for me, traditional Client-Server is dead. It's all
      Server Service to me. There are still even BBS-like techniques which can
      be used with simple embedded systems operations. But conforming them to
      the new thinking of PKI communications techniques between themselves no
      matter what form the network takes, is the subject of how to enable a
      PKI Server in PB for DOS. At least at the lowest level, if it can
      be done!

      Does this make sense now?


      ------------------
      Mike Luther
      [email protected]

      [This message has been edited by Mike Luther (edited June 13, 2002).]
      Mike Luther
      [email protected]

      Comment


      • #4
        Understood, thanks. I can't help with any example code though, sorry!

        ------------------
        Lance
        PowerBASIC Support
        mailto:[email protected][email protected]</A>
        Lance
        mailto:[email protected]

        Comment


        • #5
          I currently use the keyserver search.keyserver.net for my gnupg stuff. Gnupg can automatically verify any signature coming through the e-mail that is stored on that public key server. So there are plenty of examples out there of public key infrastructure server-type things. I'd start looking by checking out gnupg ( http://www.gnupg.org ). Of course it will all be c-based code, but it will give you an idea of the architecture needed. (I presume your talking about pgp-style stuff, since it has been the defacto standard in the past and netscape's signatures stuff is quite complicated.)

          If you're going to do tcp stuff, pb/dos is not the best tool. Pb/cc perhaps?

          Michael


          ------------------




          [This message has been edited by Michael Torrie (edited June 14, 2002).]

          Comment

          Working...
          X