On Sat, 27 Jul 2013, Paul E Condon wrote: > I intended the question to be answered in the context of the post by > Henrique de Moraes Holschuh, where 'across security domains' is > considered less desirable than 'across hosts'. I know what hosts are > when writing computer stuff, but, come to think about it what does it > mean to rotate keys? Is the idea that a particular key string is to be
Switching to a new one and disposing of the older one is, for whatever reason, usually called "rotating the keys". > reused on some host after it has been removed from service on some > other host? I had thought that it was best to never use a retired key > string again - but security is tricky - maybe there might be some You're correct. It is best to dispose of old keys, and never reuse them. > point in using old strings as the keys on some (unmentioned) honey pot > servers. You could do that, but there might be risks associated with that (or not). -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130728131242.ga7...@khazad-dum.debian.net
