On Tue, Aug 17, 1999, Ben Laurie wrote:
> > > I've checked through your ideas and it seems to me that they could be
> > > made to work with Apache-SSL (and hence, probably, mod_ssl), so long as
> > > the keys don't have passphrases.
> > >
> > > The point of the preload of keys/certs its to get passphrases while you
> > > still have a tty, nothing else.
> >
> > If this is really the case then you can even go with
> > passphrase protected keys. At least mod_ssl has pass
> > phrase caching, so you only need to load them once
> > completely to get the passphrases and then load them
> > whenever you need them.
>
> I consider passphrase caching to be an unacceptable security risk.
The passhrases are cached only for the duration of the interactive terminal
dialog, Ben. They are wiped out from memory after this. See
ssl_engine_pphrase.c for details. There is even an info message logged "Init:
Wiped out the queried pass phrases from memory" to inform the user about this.
I think this approach has to be considered "unacceptable"...
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
