RFC-18: Encryption of passwords in mapfiles

Frank Warmerdam warmerdam at POBOX.COM
Fri May 26 16:31:15 EDT 2006

Daniel Morissette wrote:
> Thanks for the feedback. I have updated MS-RFC-18 to:
> - Use TEA for encryption/decryption instead of OpenSSL
> - Use hex encoding instead of PEM (base64)
> - Added a note about looking for pairs of { + } with just hex encoding 
> chars in between
> - Added a question about whether we should use a new ENCRYPTION_KEY 
> keyword in the mapfile instead of CONFIG MS_ENCRYPTION_KEY (this came up 
> on IRC)


I'm +1 on it as it stands.  I'm no great fan of new keywords but either
way (CONFIG or ENCRYPTION_KEY) would be ok with me.

Best regards,
I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush    | President OSGF, http://osgeo.org

More information about the mapserver-dev mailing list