On 11/20/2015 01:09 PM, Dimitry Sibiryakov wrote:
> 20.11.2015 9:53, Alex Peshkoff wrote:
>> Yes, and as a result the key is passed from the holder to the crypt plugin via
>> open source code. As was reasonably suggested by Vlad, our code had
>> better never touch keys at all.
> That may sound good, but in reality it cannot gain any additional security.
> Besides, the information was already passed via the remote module.

Only in some cases. In the case of embedded usage (i.e. when protection of a key from open source code makes some sense) - not at all.

>> I've explained in devel why a client-side key holder, though looking nice
>> at first glance, is a bad thing.
> Yes, I still have that letter in my mailbox and can quote: "a key
> distributed over a lot of boxes will stop being secret very soon".

Yes. And the ability to add a plugin at the client side, to which (moreover) requests are redirected from the server by default, provokes such a design.

> But a client-side key holder is a possibility, not a requirement. Every
> plugin writer and user can choose the scheme that he wants.
> Imagine a server that requires, to start working with a database, a
> connection from the secured laptop of a security officer. This officer
> himself has no rights in the database, but is the only source of the key.

In that case I see no difference between a plugin and a special application doing the same job. Or should that officer start IbExpert with the plugin nearby anyway, having no rights in the database?

------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel