From mboxrd@z Thu Jan 1 00:00:00 1970 From: rmccabe@sourceware.org Date: 15 Jan 2007 20:33:00 -0000 Subject: [Cluster-devel] conga/luci/docs user_manual.html Message-ID: <20070115203300.1248.qmail@sourceware.org> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit CVSROOT: /cvs/cluster Module name: conga Changes by: rmccabe at sourceware.org 2007-01-15 20:33:00 Modified files: luci/docs : user_manual.html Log message: wording tweaks Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/docs/user_manual.html.diff?cvsroot=cluster&r1=1.14&r2=1.15 --- conga/luci/docs/user_manual.html 2007/01/15 20:26:02 1.14 +++ conga/luci/docs/user_manual.html 2007/01/15 20:33:00 1.15 @@ -140,9 +140,9 @@ the datacenter systems can pretty safely be assumed to be trustworthy. If a luci server is used to connect to systems across the open Internet, the user could be vulnerable to a form of security attack known - as a 'Man in the Middle' attack; wherein a hostile party sits between - the client and server and intercepts any data exchanged while masquerading - to its peers as a legitimate party. + as a 'Man in the Middle' attack; wherein a hostile party that sits between + the client and server intercepts data exchanged, while masquerading + to its peers as a legitimate party, and issues potentially malicious commands.

If the user would like to verify the certificate of a ricci agent before authenticating to it (avoiding a 'Man in the Middle' attack), the