[Web-SIG] Secret keys (was: Session interface)
Ian Bicking
ianb at colorstudy.com
Wed Aug 17 00:22:50 CEST 2005
Phillip J. Eby wrote:
> Really the only "interesting" part of managing a hash-based signature is
> where to store the key such that all the server processes can access it,
> but it isn't part of your source code. You can do that with a file on a
> single server, but for multiple servers it's back to the DB or else you
> need a way to push out configuration to the servers. You also need key
> rotation such that your signatures indicate which key was used to sign
> them, so that people's keys don't suddenly stop working when you update
> your key.
It would be nice if there was a standard way to get the "server's"
secret key (or key(s)). Or, maybe more abstractly, to sign and confirm
the signature of an item, like:

    signed_data = sign(data)
    # Raises exception if there's a problem:
    data = extract_signed_data(signed_data)

At that level any key rotation can be hidden. The mechanism is easy,
the key management is actually not "hard", but it depends on what your
definition of "server" is. That would be a ripe place for
standardization; easy to define, useful, multiple implementations
expected. But where do you stuff the functions? It almost seems best
to have server environments create or monkey patch some single module,
since I can't really think of a reason that a single process should have
multiple keys (except maybe in Zope, which has intraprocess security).
--
Ian Bicking / ianb at colorstudy.com / http://blog.ianbicking.org
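
The sign / extract_signed_data interface sketched in this message, combined with the key-id tagging from the quoted text so that rotation stays hidden from callers, as an added example that is not part of the original post. HMAC-SHA256, the "keyid.payload.tag" token layout, the KEYS dict, CURRENT_KEY_ID and BadSignature are assumptions made for illustration; the key values are constructed.

```python
import base64
import hashlib
import hmac

# Constructed sample keyring: key id -> secret. A real deployment would load
# this from a file or DB outside the source tree, as the quoted text suggests.
# Key ids must not contain "." because it is the token separator.
KEYS = {
    "k1": b"constructed-old-secret-for-demo",
    "k2": b"constructed-new-secret-for-demo",
}
CURRENT_KEY_ID = "k2"  # new signatures use this key; older ids still verify


class BadSignature(Exception):
    """Raised when a token is malformed, uses an unknown key, or fails the MAC."""


def _mac(key_id, payload):
    # Bind the key id into the MAC so it cannot be swapped after signing.
    msg = key_id.encode("ascii") + b"." + payload
    return hmac.new(KEYS[key_id], msg, hashlib.sha256).digest()


def sign(data, key_id=None):
    """Return b'<key id>.<base64 data>.<base64 tag>' for the given bytes."""
    key_id = key_id or CURRENT_KEY_ID
    payload = base64.urlsafe_b64encode(data)
    tag = base64.urlsafe_b64encode(_mac(key_id, payload))
    return b".".join([key_id.encode("ascii"), payload, tag])


def extract_signed_data(signed_data):
    """Return the original bytes, or raise BadSignature if there's a problem."""
    try:
        key_id_raw, payload, tag = signed_data.split(b".")
        key_id = key_id_raw.decode("ascii")
    except (ValueError, UnicodeDecodeError):
        raise BadSignature("malformed token")
    if key_id not in KEYS:
        raise BadSignature("unknown or retired key id")
    expected = base64.urlsafe_b64encode(_mac(key_id, payload))
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(expected, tag):
        raise BadSignature("signature mismatch")
    return base64.urlsafe_b64decode(payload)
```

Removing an entry from KEYS retires that key: tokens carrying its id are then rejected instead of being checked against the wrong secret.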