TODO: erase secrets from heap/stack after use

author Daniel Stenberg <daniel@haxx.se>

Tue, 10 Aug 2021 08:26:16 +0000 (10:26 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Tue, 10 Aug 2021 08:26:16 +0000 (10:26 +0200)
author Daniel Stenberg <daniel@haxx.se>
Tue, 10 Aug 2021 08:26:16 +0000 (10:26 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Tue, 10 Aug 2021 08:26:16 +0000 (10:26 +0200)
diff --git a/docs/TODO b/docs/TODO

index 83939c0b7f062ac001a16f1fe76fbd96cde15bf6..d804eb6e159ea677a9828f8c1f63bde9cab77877 100644 (file)
--- a/docs/TODO
+++ b/docs/TODO
@@ -46,6 +46,7 @@
   1.28 FD_CLOEXEC
   1.29 Upgrade to websockets
   1.30 config file parsing
+ 1.31 erase secrets from heap/stack after use
  
   2. libcurl - multi interface
   2.1 More non-blocking
@@ -433,6 +434,15 @@
  
   See https://github.com/curl/curl/issues/3698
  
+1.31 erase secrets from heap/stack after use
+
+ Introducing a concept and system to erase secrets from memory after use, it
+ could help mitigate and lessen the impact of (future) security problems etc.
+ However: most secrets are passed to libcurl as clear text from the
+ application and then clearing them within the library adds nothing...
+
+ https://github.com/curl/curl/issues/7268
+
  2. libcurl - multi interface
  
  2.1 More non-blocking
author	Daniel Stenberg <daniel@haxx.se>
	Tue, 10 Aug 2021 08:26:16 +0000 (10:26 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Tue, 10 Aug 2021 08:26:16 +0000 (10:26 +0200)