At 03:33 PM 2/27/2002, Cliff Woolley wrote: >On 27 Feb 2002 [EMAIL PROTECTED] wrote: > > > + *) Introduce PassPhraseDialog "|/path/to/pipe" mechanism to mod_ssl. > > + This pipe must be a bidirectional 'console' style relay, which > > + mod_perl prints all prompts to the pipe's stdin, and reads the > > + passphrases from the pipe's stdout. [William Rowe] > >I don't have a problem with this change in and of itself, but we need to >be careful to emphasize to our users how little good a passphrase will do >you. It does even less good when the input is piped in from a program >that is unsuitably protected.
Agreed. I'm not even aware of the current state of mod_ssl docs, I will add an aside that there are security considerations to the implementation of any passphrase method, when I figure out where it resides. If someone wanted to write a short summary of the vulnerabilities and how to properly protect the chain from snooping and attack, then great. I'd be happy to review that doc and add my 2c(US). On Win32, we have no choice. Either this was a hardcoded invocation of a dialog app that could 'break through' the wall of the service control layer, or we simply allow them to deploy any app for that purpose, with an eye on wintty for win32 services. >We have countless debates about this on the mod_ssl users list--some >people think passphrases are good, many of us think they just lead to a >false sense of security. All I'm suggesting here is that we should >document all the pros and cons somewhere better than what we have now. :-)
