Key- & Truststore password in ConfigurationModel

International-Data-Spaces-Association / InformationModel

The Information Model of the International Data Spaces implements the IDS reference architecture as an extensible, machine readable and technology independent data model.

Apache License 2.0

64 stars 37 forks source link

Key- & Truststore password in ConfigurationModel #398

Closed ronjaquensel closed 3 years ago

ronjaquensel commented 3 years ago

Hello @HaydarAk,

I'm currently working on creating camel routes from ConfigurationModel objects for the Configurationmanager. For this, I would need the passwords of the key- and truststore referenced there. Is it possible to add these fields to the ConfigurationModel?

HaydarAk commented 3 years ago

Hi!

Adding a "password field" for both is easy. We can accomplish this by either

adding new fields to the ConfigModel class

expanding the truststore / keystore to full-fledged classes with their own (password) fields .

Do you prefer one approach over the other ?

There is one thing, I would like to highlight: I hope you are aware that adding this information to the Configuration Model, especially via the first approach, may inevitably mean that the serialisation of the configuration model itself will be a security-critical information through the expose the passwords.

ronjaquensel commented 3 years ago

Hi,

thank you for the hint. We are aware of the security risk and are currently looking for a better solution, but for the time being this approach will suffice.

Both of the suggested approaches would work for me.

HaydarAk commented 3 years ago

Done , see 5d0790e

The snapshot build of the java libs from our IAIS colleagues should soon (in the next few hours) contain these changes.