jcnelson
commented
10 years ago Alternative solution: encrypt the closure with the gateway's key pair, and encrypt the gateway's private key with a gateway-specific password known only to the user. This should have the same effect, as long as the private key cleartext is not made available to the attacker.
Make sure the gateway is deployed with its user's public key (or that it can get it, somehow). Check the signature of the closure with it. This is to hedge against a coerced MS attack.