12

There are lots of questions about where/how to store encryption keyes, peppers, authentication tokens and what not on a server. They usually get half hearted answers or get closed as duplicate of some other question on the same topic.

I think a canonical question would be in order, and there is already a good candidate: Where to store a key for encryption?

However, the question has some drawbacks. It is focused on encryption keys, but could be more general to concern all server side secrets. And there is some confusion regarding hashing versus encryption that distracts from the main point.

Would it be OK to edit both question and answers to make it more to the point? E.g. make the question broader, and remove the whole hashing thing. Is it even a good idea to use this as a canonical question? Would it be better to ask a new one?

1 Answer 1

Reset to default
6

I do think a canonical question would be in order, but I do not think that candidate is fitting. The answers are far too specific to secrets with the specific properties of encryption keys such that editing them to be more general would not be as simple as changing the phrasing. For example, peppers can simply be stored in a file in /etc, since all that matters is that it will not be leaked during an SQLi dump of the database. The candidate you propose, being specific for encryption keys, goes on to say that storing a pepper on the filesystem is next to useless. Likewise typing out a user's authentication token at system boot and storing it in memory makes no sense, unless "authentication token" is replaced with "disk encryption key". In my opinion:

  • If the question is about where to store a specific bit of sensitive data (but not an encryption key), it should be allowed to exist as its own question. Different questions have different threat models.
  • If the question is about where to store an encryption key, it should be marked as a duplicate of your candidate. After all, it does explain exactly how to deal with keys.
4
  • If the answer is very different depending on the type of secret (and you make a good case it is), then I think there shouldn't be one canonical question for all types. So the candidate would perhaps be a fitting canonical question for the narrow case of encryption keys?
    – Anders
    Commented Jan 30, 2018 at 9:29
  • @Anders Yeah, I think a canonical answer for encryption keys would be good, especially given that the candidate answer posted is really good at explaining the issues with storing encryption keys.
    – forest
    Commented Feb 1, 2018 at 2:49
  • 2
    I will give this some time in case there are more opinions, but if nothing else pops up I will go ahead and make some minor edits to the suggested Q&A. But I will keep the focus on storing encryption keys and nothing else.
    – Anders
    Commented Feb 1, 2018 at 11:52
  • I have edited the question and answer now. Thanks for the valuable input!
    – Anders
    Commented Feb 7, 2018 at 8:39

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .