Re: secret strings

From: Stephen J. Turnbull
Subject: Re: secret strings
Date: Sat, 02 Apr 2011 01:14:16 +0900

Ted Zlatanov writes:

 > OK.  I'll buy that.  So how, then, does the producer, the
 > auth-source API, encourage consumers to wipe their secrets?

That depends on the security model, it seems to me.  For some
purposes, ROT13, with no secret at all, is sufficient "security".  In
other cases, the user is given a secret to be used once (eg, a
temporary password).  In other cases, the user may never see the
secret at all (public key methods).

The problem, as I see it, is that the auth-source doesn't know what
the consumer is going to do with it, or how long the secret will
remain valid.  I don't really see how this is the auth-source's

The `with-secret-strings' macro I suggested is the only fairly generic
kind of thing I can think of, but it's not really very general.
