20.11.2015 14:19, Dimitry Sibiryakov wrote: > 20.11.2015 13:12, Vlad Khorsun wrote: >> Key holder allows engine to never see encryption key. It is very >> important as >> engine is open for everyone while plugins are private\closed code and could >> protect >> itself. It is not required by design to send the secret key over the wire in >> open form. >> All engine know about the key - its name\id. All engine see - some >> plugin-specific data >> passed in callback. Plugin author should take care how to hide secret key >> from attacker. > > And?..
I tried to show you why key holder is important and necessary part of design. It seems (to me, at least) you not understand it. Regards, Vlad ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
