diff options
Diffstat (limited to 'doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn')
-rw-r--r-- | doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn b/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn deleted file mode 100644 index 2c0037c90..000000000 --- a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn +++ /dev/null @@ -1,10 +0,0 @@ -While using HMAC instead of "plain" hash functions is inherently more secure, it's still a bad idea to re-use keys for different purposes. - -Also, ttbomk, HMAC needs two keys, not one. Are you re-using the same key twice? - -Compability for old buckets and support for different ones can be maintained by introducing a new option and simply copying over the encryption key's identifier into this new option should it be missing. - -> Bug was filed prematurely, but was a good bit of paranoia, and gpg and -> hmac are given different secret keys [[done]] --[[Joey]] - ->> Thanks :) -- RIchiH |