diff options
author | Joey Hess <joey@kitenet.net> | 2011-04-17 01:34:28 -0400 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2011-04-17 01:36:22 -0400 |
commit | 4d136e1ef5a3c06bbc8e10a5aa7ac20e17a39c4f (patch) | |
tree | c105b8c379f0bb84136136c7e0f159f5c2472e61 /doc | |
parent | 50cfcdf54b828fbeab532b712e00063ae9e82581 (diff) |
use different parts of cipher for hmac and gpg
Per bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing
It may be paranoid to worry about the cipher being recovered
from hmac keys, but yes.. let's be paranoid.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn b/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn index 1980a8f44..9fc31fa48 100644 --- a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn +++ b/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn @@ -4,5 +4,5 @@ Also, ttbomk, HMAC needs two keys, not one. Are you re-using the same key twice? Compability for old buckets and support for different ones can be maintained by introducing a new option and simply copying over the encryption key's identifier into this new option should it be missing. -> See [[design/encryption]]. I don't think this bug needs to be kept -> open. [[done]] --[[Joey]] +> Bug was filed prematurely, but was a good bit of paranoia, and gpg and +> hmac are given different secret keys [[done]] --[[Joey]] |