Now, I am working on a fully decentralized application where pagekite would play a central role, and one thing is not really clear to me (or I could not find the information I was looking for):- is there a risk (security-wise) if/when the pagekite secret is revealed ? I guess so - otherwise it would not be secret, but what does that involve concretely?
The scenario I am looking at might involve a few hundreds of CNAMES each pointing to a xml database instance located around the world - and accessible through pagekite magic under the same domain. Now, it is very likely that the pagekite secret will not be secret anymore in this situation. So, alternative question:- is there a way to have a different pagekite secret per CNAME ?
Hello :)
Replies are inline below.On Fri, Oct 26, 2012 at 3:37 PM, krikrou <christop...@gmail.com> wrote:
Now, I am working on a fully decentralized application where pagekite would play a central role, and one thing is not really clear to me (or I could not find the information I was looking for):- is there a risk (security-wise) if/when the pagekite secret is revealed ? I guess so - otherwise it would not be secret, but what does that involve concretely?
People who have the secret can fly kites using your name and create new kites.
So as far as the PageKite service is concerned, that is pretty much complete control over the aside from billing-related aspects. :-)The scenario I am looking at might involve a few hundreds of CNAMES each pointing to a xml database instance located around the world - and accessible through pagekite magic under the same domain. Now, it is very likely that the pagekite secret will not be secret anymore in this situation. So, alternative question:- is there a way to have a different pagekite secret per CNAME ?
Yes. You can edit each kite's secret using the web interface at https://pagekite.net/home/ , just click on the world "default" in the secret column and edit.
If you are going to do a lot of this and need it automated, there is an XML-RPC interface which can be used to both create and configure individual kites, including the secret
One more thing - note that there are currently limits on how many simultaneous connections a given account can run at a time. If you are serious about hundreds of connections, you may want to discuss terms with us off-list. Obviously that's going to cost more than $3/month. :-)
There is currently one "standard" option for such use cases on our subscription page (the embedded developer subscription), but depending on what you are doing it may or may not be a good fit. Feel free to send us mail at he...@pagekite.net and we'll help figure out something that works for you.