9front - general discussion about 9front
 help / color / mirror / Atom feed
* [9front] Factotum "extensions" and secstore security
@ 2023-03-04  9:40 sirjofri
  0 siblings, 0 replies; only message in thread
From: sirjofri @ 2023-03-04  9:40 UTC (permalink / raw)
  To: 9front


I was wondering how factotum behaves if it's fed with keys that factotum doesn't understand, e.g. with a proto that factotum can't handle?

I'm planning on changing factotum a bit, but maybe only on one machine to keep stability. Though it is easy to just feed the locally adjusted factotum with the new secrets, I'm still wondering if it's fine to keep all the secrets in one file (secstore-style) and if the unchanged factotum will just ignore them.

For those wondering, I'm planning for proto=totp and maybe even an updated secstore that allows for totp-based security since I've heard that secstore isn't secure for modern standards (with the suggestion to only run it on a local network).

So, what's the state of secstore? How would a more secure version of secstore look like?


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2023-03-04  9:43 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-04  9:40 [9front] Factotum "extensions" and secstore security sirjofri

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).