[jboss-jira] [JBoss JIRA] (AS7-1102) Create PKCS#11 Compitable Cryptographic Services for Domain Management

Thu Oct 6 10:40:18 EDT 2011

    [ https://issues.jboss.org/browse/AS7-1102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12632791#comment-12632791 ] 

Darran Lofthouse commented on AS7-1102:
---------------------------------------

We now have a vault implementation, enhancments such as this should be re-visited post-7.1
                
> Create PKCS#11 Compitable Cryptographic Services for Domain Management
> ----------------------------------------------------------------------
>
>                 Key: AS7-1102
>                 URL: https://issues.jboss.org/browse/AS7-1102
>             Project: Application Server 7
>          Issue Type: Task
>          Components: Domain Management, Security
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>
> Within domain management there are occasions where passwords need to be stored or keystores accessed either for encryption / decryption of password or to load the keys used for SSL exchanges.
> Commonly a password within code is used for password based encryption of other passwords, this obfuscates the password but does not over complicate the process of recovering the password, alternatively a local keystore can be used for the encryption but again everything is available on the local disk to recover the password.
> PKCS#11 will allow the cryptographic to be delegated to hardware which contains it's own protection against keys being made available.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira