Jean-Pierre Schwickerath wrote:
Changing a passphrase is certainly possible with SSL. Code can also be
included to enforce strong passphrases. These are good things but, however
strong or however repeatedly changed a passphrase is, if it's stored on the
same disk as the key, then it's pointless. You may as well not have a
passphrase at all. It adds nothing to the security of the system.

Every decent program storing certificates should allow the user to
decrypt his/her certificate with the password supplied by the CA and
then re-encrypt it with a passphrase chosen by the user.

We're relying on _possession_ of a private key and _knowledge_ of a passphrase
to authenticate someone whose identity we cannot verify any other way. With
the passphrase on disk, it becomes possession of the key file and possession of
the passphrase file. In a lot of cases, that just amounts to possession of the
laptop they're both stored on. The two aspects of the authentication have to
remain separate for the procedure to be viable.

Unless you're into biometrics, then the only way to maintain that separation
is to have the passphrase stored nowhere except in the memory of the owner of
the key. If it gets forgotten then that's tough. They have their certificate
revoked and a new one signed/assigned.

In the end, the user has to bear some responsibility for the security of their
Openvpn-users mailing list
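
The re-encryption step discussed in the message above (decrypt the key with the CA-supplied password, then protect it with a passphrase only the owner knows), as an added example using the openssl command line; it is not part of the original post. The helper names, file names and passphrases are constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample values throughout; rekey/opens_with/pubkey are hypothetical helpers.

# rekey IN OUT: decrypt IN with $OLD_PASS, write OUT AES-256 encrypted under $NEW_PASS.
# env: keeps both passphrases out of argv (visible in ps) and out of files on disk.
rekey() {
    ( umask 077   # new key file readable by its owner only
      openssl pkey -in "$1" -passin env:OLD_PASS \
                   -aes-256-cbc -passout env:NEW_PASS -out "$2" )
}

# opens_with FILE: succeed only if $TRY_PASS decrypts FILE.
opens_with() { openssl pkey -in "$1" -passin env:TRY_PASS -noout 2>/dev/null; }

# pubkey FILE: print the public half, to confirm the key itself is unchanged.
pubkey() { openssl pkey -in "$1" -passin env:TRY_PASS -pubout 2>/dev/null; }

# demo: returns 0 if the re-encrypted file holds the same key and the
# CA-supplied password no longer opens it.
demo() {
    local dir before after
    dir=$(mktemp -d) || return 1
    export OLD_PASS='issued-by-ca-0000' NEW_PASS='chosen by the key owner'
    # Stand-in for the key file as delivered with the CA-supplied password.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass env:OLD_PASS -out "$dir/issued.key" 2>/dev/null || return 1
    rekey "$dir/issued.key" "$dir/client.key" || return 1

    export TRY_PASS="$OLD_PASS"
    before=$(pubkey "$dir/issued.key")
    if opens_with "$dir/client.key"; then   # old password must be rejected
        rm -rf "$dir"; return 1
    fi
    export TRY_PASS="$NEW_PASS"
    after=$(pubkey "$dir/client.key")

    rm -rf "$dir"
    unset OLD_PASS NEW_PASS TRY_PASS        # do not leave passphrases in the environment
    [ -n "$before" ] && [ "$before" = "$after" ]
}

demo && echo "key re-encrypted: same key, CA-supplied password rejected"
```

In interactive use the new passphrase would be typed at a prompt (for example `read -rs NEW_PASS; export NEW_PASS`) rather than assigned in a script, so it exists nowhere but the owner's memory.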