Fri May 25 18:14:01 2001
> David Turner:
> How much less secure is this? It is already possible to compromise keys
> with root priveleges [...]
in what way? recovering the passphrase should be hard for root as well.
> * Could they make it dump core and rip the passphrase from that? If it
> dumped core, the passphrase would be readily available. In a perfect
> world, programs don't dump core. In reality, care would be needed to
> prevent this.
a passphrase could be encrypted time-limited, the program could recrypt it
from time to time, so it would not stay unencrypted in memory too long.