We should use an HMAC, not a hash - this is not a secure secret
On 01-09-2013 14:04, Stefan Fritsch wrote:
Hi,

would it make sense to have a generic way to generate server secrets that need to be the same on every server in a load-balanced cluster? I thought of something like: the user configures one secret key file, and every module that needs a secret can then get a secret derived from that key.

As the algorithm to derive the secret I thought of sha256("module specific string" "secret key"). The "secret key" should not be a password but be at least 256 bits of real random data. If we want to allow passwords, the derivation function would need to be more complex.

This could be used for example in mod_auth_digest and mod_ssl's SRPUnknownUserSeed. If we add an interface to mod_lua, I am sure that people would find more uses for it. I don't think that it would be suitable for ssl session ticket keys, though, because those should be rotated frequently.

Thoughts, comments?

Stefan
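As an added example, not code from this thread or from httpd: the derivation sketched above, done the way the reply suggests, with HMAC-SHA256 keyed by the shared master secret and the module-specific string as the message, so every server holding the same key file derives the same per-module secret. The password case uses PBKDF2 as the "more complex" derivation. The function names, label strings, the sample key and the iteration count are my assumptions.

```python
import hashlib
import hmac
import os

# The proposal asks for at least 256 bits of real random data in the key file.
MIN_MASTER_KEY_BYTES = 32

# Constructed sample master key (in practice: the contents of the configured key file).
SAMPLE_MASTER_KEY = bytes(range(32))


def generate_master_key() -> bytes:
    """Fresh 256-bit random master key for the shared key file."""
    return os.urandom(MIN_MASTER_KEY_BYTES)


def derive_module_secret(master_key: bytes, module_label: str, length: int = 32) -> bytes:
    """Per-module secret = HMAC-SHA256(key=master_key, msg=module_label).

    HMAC keeps the secret in the key position, so the label cannot be confused
    with part of the key and the label/key boundary is unambiguous.  The same
    key file and label yield the same secret on every cluster member.
    """
    if len(master_key) < MIN_MASTER_KEY_BYTES:
        raise ValueError("master key must be at least 256 bits of random data")
    if not 1 <= length <= hashlib.sha256().digest_size:
        raise ValueError("requested length exceeds one HMAC-SHA256 output")
    tag = hmac.new(master_key, module_label.encode("utf-8"), hashlib.sha256).digest()
    return tag[:length]


def master_key_from_password(password: str, salt: bytes, iterations: int = 600_000) -> bytes:
    """Only when the shared secret is a password: stretch it with PBKDF2-HMAC-SHA256
    (assumed iteration count) into a 256-bit master key before deriving anything."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations,
                               dklen=MIN_MASTER_KEY_BYTES)


if __name__ == "__main__":
    # Each module gets its own secret; the labels below are illustrative.
    for label in ("mod_auth_digest", "mod_ssl/SRPUnknownUserSeed"):
        print(label, derive_module_secret(SAMPLE_MASTER_KEY, label).hex())
```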