OpenSSL: Secrets Life Cycle

Mi'kail Eli'yah

11 min readOct 17, 2020

--

The Generic Secret Life Cycle

[0] Entropy test
When a secret is generated, the RNG must 1st pass the entropy test, and have the test logged for the ‘key birth certificate’. Any error or failure must also be logged.[1,2] Escrow and storage 
Assuring key generation sanity, i.e. it passes the entropy test during generation, the secret may be escrowed. The secret is set to…

Mi'kail Eli'yah

Written by Mi'kail Eli'yah

Scientist, humanitarian

Help
Status
About
Careers
Blog
Privacy
Terms
Text to speech
Teams