Bug#298689: What do you gain?

To: 298689@bugs.debian.org
Subject: Bug#298689: What do you gain?
From: Nick Phillips <Nick.Phillips@stonebow.otago.ac.nz>
Date: Mon, 20 Mar 2006 08:54:58 +1200
Message-id: <[🔎] 60536690-92B1-4A79-ADB0-7077EB1AD3E3@stonebow.otago.ac.nz>
Reply-to: Nick Phillips <Nick.Phillips@stonebow.otago.ac.nz>, 298689@bugs.debian.org

Using a passphrase on your ssl keys should mean that "someone" isunable to take them and use them elsewhere without your knowledge.

Chances are you'd notice (eventually) if someone with root on yourserver was doing bad things, but there's no way you'd notice if theyset up a server using your keys & certs, and redirected clients to it.

Of course, you still have to make sure that you notice thatsomething's wrong before providing the key passphrase to thekeylogger that someone just installed ;-), but it is an extra layerof protection, and a deterrent to opportunistic theft of the keys +certs.


It may not be "likely", but it is perfectly valid.


Cheers,


Nick


--
Nick Phillips / +64 3 479 4195 / nick.phillips@stonebow.otago.ac.nz
# these statements are my own, not those of the University of Otago

Reply to:

Follow-Ups:
- Bug#298689: What do you gain?
  - From: Adam Conrad <adconrad@0c3.net>

Prev by Date: Re: Basic Auth. Password Matching
Next by Date: Bug#298689: What do you gain?
Previous by thread: Re: Basic Auth. Password Matching
Next by thread: Bug#298689: What do you gain?
Index(es):
- Date
- Thread