Loading...

XML

Word

Printable

Details

Type: Task
Resolution: Won't Do
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Domain Management, Security
Labels:
None

Description

Within domain management there are occasions where passwords need to be stored or keystores accessed either for encryption / decryption of password or to load the keys used for SSL exchanges.

Commonly a password within code is used for password based encryption of other passwords, this obfuscates the password but does not over complicate the process of recovering the password, alternatively a local keystore can be used for the encryption but again everything is available on the local disk to recover the password.

PKCS#11 will allow the cryptographic to be delegated to hardware which contains it's own protection against keys being made available.

Attachments

Issue Links

is related to

AS7-643 Consistent mechanism for masking passwords across the configuration

Closed

relates to

WFLY-2890 Add support for PKCS#11 configuration within security realms.

Closed

Activity

People

Assignee:: Darran Lofthouse

Reporter:: Darran Lofthouse

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2011/06/23 10:17 AM

Updated:: 2014/02/10 7:29 AM

Resolved:: 2011/10/06 10:40 AM