Hello, haskellers, I've faced with some issue: how to store passwords securely on client's side? Of course there are many technics how to hash them on server side but sure all of them can't be used in my case (because of nature of hash). There is some platform-independent application written on Haskell and it requires login name/password for asking some web services through SOAP. I can ask it every time when it's called, but probably I should prepare some way to store this secure info on somewhere. The other side (in most cases!) can use only plain authorization method.
For me the best way for this task -- storing the puzzled password somewhere in user's home directory ($HOME or %APPDATA% or in Mac's place for that), but I don't know how to puzzle it securely. One idea is to use GPG-alike approach: make secret key automatically and store it in user's home and just encrypt the given passphrase with that secret key after logging on and decrypt with public key when needed. But this probably is overmuch for that task. -- Iliya Kuznetsov
_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
