valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-07 00:55:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update the salt auth abstract to reflect recent changes

Browse Source
This commit is contained in:
Jeff Schroeder 2012-03-18 21:58:56 -07:00
parent cbfcc1e38d
commit 10f1883c6b
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/topics/specs/salt_auth_proto_abs.rst
View File

@ -21,7 +21,7 @@ The message itself is abstracted as a python dict in this fashion:
.. code-block:: python
{'enc': 'aes',
'load': <encrypted python pickle>}
'load': <encrypted msgpack binary data>}
When this message is received the load can be decrypted using the shared AES
key. The 'enc' dict key can also be "pub" for pubkey encryption, or "clear"
@ -90,8 +90,6 @@ Conclusion
==========
In the end Salt uses formatted messages with clear header data to specify how
the message data is encrypted. Only uses pubkey encryption for authentication
and to securely retrieve the master AES key. Then all regular communication
is sent in AES encrypted messages.
the message data is encrypted. Asymetric encryption via RSA keys is only used
for authentication and to securely retrieve the master AES key. All further
communications are are encrypted with 256 bit AES.