[Info-vax] Some of what I'm reading...
Arne Vajhøj
arne at vajhoej.dk
Sun May 20 20:36:09 EDT 2018
On 5/20/2018 8:19 PM, Stephen Hoffman wrote:
> On 2018-05-20 13:28:01 +0000, IanD said:
>> Bit hard for VMS to support the secure key store when it's a function
>> of the Apple chip.
>
> The keychain store doesn't require the Apple T2 chip. The keychain
> storage uses a set of APIs and AES encryption to maintain and protect
> private keys and passwords. Various x86-64 processors do have AES
> acceleration too, which is handy.
>
> OpenVMS has no concept of protecting keys and private certificates. It's
> all tossed over to the user to deal with. Or to not deal with, as the
> case may be. Apache has its own certificate store, and so does the
> upstream-deprecated-a-decade-ago CDMA, so does ssh, and so too does
> OpenVMS, as do some apps. DECnet has its own password storage, as do
> various apps. Etc. Everybody has implemented their own schemes. Some
> are better than others.
PKCS#12 is a standard (RFC7292).
And I believe that both OpenSSL and Java can use PKCS#12 stores.
Arne
More information about the Info-vax
mailing list