-
Notifications
You must be signed in to change notification settings - Fork 46
Key Rotation Milestones
Chris Dunlap edited this page Sep 2, 2020
·
3 revisions
key format (v2)
- add
valid-start
andvalid-end
64b timestamps - add
comment
field - add
checksum
field to detect corruption - revamp key construction
- replace use of SHA-1 with SHA-256 or SHA-512
- update subkey distinguishers
- update subkey derivation to use HKDF
keyring format (v2)
- define on-disk binary format
- allow multiple keys in keyring file
- add
checksum
entry to detect corruption - add
realm
entry
credential format (v4)
- define extensible format
- support 64b timestamps
- add
data-encryption-key
packet type - change order of crypto ops to "encrypt-then-authenticate"
- revisit how DEK is generated
libmunge
- add function to support sending
RELOAD_KEYRING
command
protocol
- add
RELOAD_KEYRING
command
mungekey
- compute key ID from key w/o exposing sensitive key material
-
--list
cmdline opt to list keys and corresponding IDs -
--validate
cmdline opt to verify keyring checksum - support editing key's
valid-end
time - support specifying
valid-end
time during key creation - support specifying
valid-end
time in various formats -
--import
cmdline opt to import keys -
--export
cmdline opt to export keys -
--append
cmdline opt to append keys to existing file -
--reload
cmdline opt to signalmunged
to reload keyring- link against
libmunge
for communicating withmunged
over socket
- link against
munged
- support reloading key while daemon is running
- revisit statically-initialized mutexes and condition variables
- support efficient locking of key data structures to allow modification
- support receipt of
RELOAD_KEYRING
command to reload key - when loading key, add timer to disable key based on
valid-end
time - when encoding credential, create DEK packet for each active key
- when decoding credential, process each DEK packet regardless of rv