You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a security enhancement proposed by Philipp Löffler.
In particiular, private keys just needed for POPO generation can be erased immediately thereafter.
All private keys of client might even be erased temporarily before waiting for next poll request and then re-read from their respective source (e.g., password-protected file).
DDvO
changed the title
Erease private key data from CMP_CTX as soon as no longer needed
Erase confidental data from CMP_CTX as soon as no longer needed
Dec 28, 2019
This is a security enhancement proposed by Philipp Löffler.
In particiular, private keys just needed for POPO generation can be erased immediately thereafter.
All private keys of client might even be erased temporarily before waiting for next poll request and then re-read from their respective source (e.g., password-protected file).
Reported by: DDvO
Original Ticket: cmpforopenssl/feature-requests/45
The text was updated successfully, but these errors were encountered: