On 17.04.2017 22:59, sri wrote: > Allright, i'll try to take the topic a little more serious. So straight > to the point, there is no chance we would accept a change for a security > feature that results in new attack vectors.
Very sensible IMO. When I decided on a method for the secret(s), I knew I wanted to rotate them, but also keep them on external storage (the DB, as I use one anyway) so they can be reloaded on an application restart. I found that rotating secrets in the DB from the Mojolicious application, which was so simple in the development instance, turned out to be tricky in the multi-process test and live environments. So I chose to use an external process that regularly updates the list of secrets in the DB, while the application processes check there for a new secret regularly (and simultaneously). The external process takes (longish) secrets from /dev/urandom, which should be secure enough. Regards, Juergen. -- Jürgen Nickelsen <[email protected]> Freie Universität Berlin, ZEDAT/FUDIS https://zedat.fu-berlin.de/FUDIS Jabber [email protected]; Tel +49.30.838-50740 Fax -450740 -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
