[cryptography] Keyspace: client-side encryption for key/value stores
pgut001 at cs.auckland.ac.nz
Fri Mar 22 08:50:28 EDT 2013
Thierry Moreau <thierry.moreau at connotech.com> writes:
>Client-side storage of long-term secrets can only be secured by dedicated
>client-side hardware. Your mileage may vary.
In a perfect world, yes. However having an OS-provided, standardised
mechanism that gets things mostly right (Apple Keyring) is far, far better
than forcing every developer to invent their own one (Unix and to a lesser
extent Windows), which 90% will get wrong.
More information about the cryptography