[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: secret strings
|
From: |
Stephen J. Turnbull |
|
Subject: |
Re: secret strings |
|
Date: |
Sat, 02 Apr 2011 01:14:16 +0900 |
Ted Zlatanov writes:
> OK. I'll buy that. So how, then, does the the producer, the
> auth-source API, encourage consumers to wipe their secrets?
That depends on the security model, it seems to me. For some
purposes, ROT13, with no secret at all, is sufficient "security". In
other cases, the user is given a secret to be used once (eg, a
temporary password). In other cases, the user may never see the
secret at all (public key methods).
The problem, as I see it, is that the auth-source doesn't know what
the consumer is going to do with it, or how long the secret will
remain valid. I don't really see how this is the auth-source's
business.
The `with-secret-strings' macro I suggested is the only fairly generic
kind of thing I can think of, but it's not really very general.
- secret strings (was: lexbind: how to replace lexical-let approach to hide secrets), Ted Zlatanov, 2011/04/01
- secret strings (was: lexbind: how to replace lexical-let approach to hide secrets), Stephen J. Turnbull, 2011/04/01
- Re: secret strings, Ted Zlatanov, 2011/04/01
- Re: secret strings, Stephen J. Turnbull, 2011/04/01
- Re: secret strings, Ted Zlatanov, 2011/04/01
- Re: secret strings,
Stephen J. Turnbull <=
- Re: secret strings, Ted Zlatanov, 2011/04/01
- Re: secret strings, Stefan Monnier, 2011/04/01
- Re: secret strings, Ted Zlatanov, 2011/04/01
- Re: secret strings, Stefan Monnier, 2011/04/01