A few questions I had for a friend:

- Are secret keys loaded into the same address space as the process running an http server?
- Are secret keys stored in plaintext or reversible encryption accessible to the process running an http server?
- Are secret keys stored in a file readable by the http server process?

What is a public url of a hosted version one might play around with? Again asking for a friend.

Replies (1)

The answer to all three is what you don’t want to hear. For v1 I’ve left a lot to be desired. Keys are encrypted at rest but fetched/decrypted by the same process running the http server (but not from any of the http methods directly).