blob: 2c0037c9030418a269575436c95ba84c24a732f8 (
plain)
1
2
3
4
5
6
7
8
9
10
|
While using HMAC instead of "plain" hash functions is inherently more secure, it's still a bad idea to re-use keys for different purposes.
Also, ttbomk, HMAC needs two keys, not one. Are you re-using the same key twice?
Compability for old buckets and support for different ones can be maintained by introducing a new option and simply copying over the encryption key's identifier into this new option should it be missing.
> Bug was filed prematurely, but was a good bit of paranoia, and gpg and
> hmac are given different secret keys [[done]] --[[Joey]]
>> Thanks :) -- RIchiH
|