[Handle-info] encryption of private key

[Scott Yeadon <scott.yeadon@anu.edu.au>]

Hi,

I installed a development handle server and have just started playing 
with the client API. I configured an encrypted private key but am now 
wondering if that was really necessary,

If we're running a handle client and server on the same machine and the 
client API is part of separately authenticated services is it better to 
*not* encrypt the private key? The authentication against access to the 
services provides the mechanism for determining whether someone actually 
is who they say they are so any passphrase appears superfluous. Whenever 
the client needs to do anything in the admin realm the passphrase is 
required to decrypt the key, meaning the storage of the key in plain 
text (either file or Tomcat init-param, for example) will be required 
which seems an unnecessary overhead and could be more insecure than just 
the private key sitting in a non-web-accessible area. I couldn't find 
any guidelines on when to use encrypted or unencrypted keys but 
presumably encryption would only be needed where a user interface is 
required to authenticate a user directly against handle services. Can 
anyone confirm this?

I assume a change from an encrypted private key to unencrypted private 
key requires the sitebundle to be resubmitted?

Thanks.

Scott.


_______________________________________________
Handle-Info mailing list
Handle-Info@cnri.reston.va.us
http://www.handle.net/mailman/listinfo/handle-info