pem password ??
Hi.. What exactly is the use of pempass (PEM pasword string) when any private key is written on disk?? Thanks Aslam __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: pem password ??
Aslam <[EMAIL PROTECTED]> writes: > What exactly is the use of pempass (PEM pasword string) when any private key > is written on disk?? That's the point. Since it's written on disk any idiot who can read the disk can read the private key file. You encrypt it with the password so that it's useless to such an attacker. There's quite a bit more information about this in Chapter 5 of "SSL and TLS". -Ekr [Eric Rescorla [EMAIL PROTECTED]] Author of "SSL and TLS: Designing and Building Secure Systems" http://www.rtfm.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: pem password ??
Is PEM password encrypted private keys different from the PKCS8 password encrypted private keys??? -Original Message- From: Eric Rescorla [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 14, 2001 3:55 PM To: [EMAIL PROTECTED] Subject: Re: pem password ?? Aslam <[EMAIL PROTECTED]> writes: > What exactly is the use of pempass (PEM pasword string) when any private key > is written on disk?? That's the point. Since it's written on disk any idiot who can read the disk can read the private key file. You encrypt it with the password so that it's useless to such an attacker. There's quite a bit more information about this in Chapter 5 of "SSL and TLS". -Ekr [Eric Rescorla [EMAIL PROTECTED]] Author of "SSL and TLS: Designing and Building Secure Systems" http://www.rtfm.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: pem password ??
Aslam <[EMAIL PROTECTED]> writes: > Is PEM password encrypted private keys different from the PKCS8 password > encrypted private keys??? Yes, it's a slightly different key derivation function and different formatting. -Ekr __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
