mandatory new field in key_updated compromises security #52
Assignees
Labels
future-versions
issue will be tackled but not for the current iteration
Comments
|
Additionally, we should add an "owner" field to the Now, difference between client/server keys is made with the trigger and also the KeyType: this should be made more consistent with the other events. See also #44. An endpoint would then emit separate events for client and server key updates, which should work event if key calculation is delayed (though not 100% sure yet). |
rmarx
added
the
future-versions
Closed
|
I support not logging secrets |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
On a production system you probably don't want to log TLS secrets, even if you qlog (some of the) connections. The
newfield in thekey_updatedevent therefore should not be mandatory.I'm not sure I understand the
oldfield either. If you're logging 1-RTT key updates and their sequence numbers, the key would already be written to the qlog, so there's no need to export it again. Or am I missing something?Maybe it would be a good idea to keep key material to the SSLKEYLOGFILE and not even offer an option to write them to qlog?
The text was updated successfully, but these errors were encountered: