httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kaspar Brand <httpd-dev.2...@velox.ch>
Subject Re: Deprecating (and eventually removing) encrypted private key support in mod_ssl?
Date Thu, 14 Nov 2013 06:02:58 GMT
On 13.11.2013 15:28, Dr Stephen Henson wrote:
> I can vaguely recall that some of that code is designed to avoid the need to
> enter the private key passphrase more than once by decrypting private keys once
> and storing the unencrypted forms in serialised form.

True, it allows to SIGHUP/SIGUSR1 httpd without having to reenter a
passphrase. But my point is a different one, actually: why do we want to
enable users to protect file-based keys with a pass phrase in the first
place? As the article on the Symantec (formerly Securityfocus) site
says: "It is not only inconvenient, but also gives a false sense of
security."

> Unfortunately it does this in an algorithm specific way which means the whole
> lot needs updating every time a new algorithm arrives.

That's something we can solve. My current version of
ssl_pphrase_Handle() allows configuring as many keys/certs as you see
fit (well, it then turns into an OpenSSL issue as you can only have one
ECDSA cert e.g., IINM).

> The strategy will also only work for file based keys. If in future you want to
> support a key in an HSM it may not be even possible to serialise it. The
> "passphrase" may also be outside software control (for example entered into the
> device via a pinpad).

Correct. I doubt that we would want to add any HSM key activation dance
stuff into mod_ssl, this is way too vendor specific. PKCS#11 would be
the most sensible thing here, I think, but even in this case, I wonder
what benefit passphrase-protected, HSM-based keys would have.

Kaspar

Mime
View raw message