localmed/ruby-macaroons

Shouldn't the key not be stored in the object?

Closed this issue · 3 comments

If I am giving the Macaroon object to a client, I don't think the client should have access to the initial key used to generate the macaroon... Would be a good idea to just not store it in the same object?

You're right, it'd be a big security issue if the client had access to the secret key. But the client should only interact with the serialized macaroon, which does not contain the secret key. @ecordell correct me if I'm wrong

That's right, the client will never get the original key once the macaroon is serialized.

If the concern is more about keeping the original key in memory for longer than needed, that seems valid (in pymacaroons it's only used for creating the initial signature, then discarded). But for macaroons it's worth remembering that the current signature is always the extension key, so giving someone a blank macaroon with no caveats is roughly as bad as giving them the original key, if the key is not shared between macaroons.
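The points made in the comments above, as an added example that is not part of the thread and not code from ruby-macaroons or pymacaroons: a simplified HMAC-SHA256 chain for first-party caveats showing that the serialized form carries no root key, and that a blank macaroon's signature is enough to mint any caveated macaroon the server will accept. The helper names, the JSON layout and the sample values are assumptions made for illustration; the format is not wire-compatible with real macaroon libraries, and `verify` checks only the signature chain, not the caveat predicates.

```ruby
require 'openssl'
require 'json'

def hmac(key, msg)
  OpenSSL::HMAC.digest('SHA256', key, msg)
end

# Server side: the root key is used once, to sign the identifier, and is not kept in the result.
def mint(root_key, identifier)
  { 'identifier' => identifier, 'caveats' => [], 'signature' => hmac(root_key, identifier) }
end

# Any holder can extend a macaroon: the current signature is the HMAC key for the next caveat.
def add_caveat(macaroon, predicate)
  { 'identifier' => macaroon['identifier'],
    'caveats'    => macaroon['caveats'] + [predicate],
    'signature'  => hmac(macaroon['signature'], predicate) }
end

# What the client receives: identifier, caveats and hex signature only.
def serialize(macaroon)
  JSON.generate(macaroon.merge('signature' => macaroon['signature'].unpack1('H*')))
end

def deserialize(str)
  m = JSON.parse(str)
  m.merge('signature' => [m['signature']].pack('H*'))
end

# Constant-time comparison of two byte strings.
def secure_eq(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Server side: recompute the chain from the root key and compare signatures.
def verify(root_key, macaroon)
  expected = macaroon['caveats'].reduce(hmac(root_key, macaroon['identifier'])) { |sig, c| hmac(sig, c) }
  secure_eq(expected, macaroon['signature'])
end

ROOT_KEY = 'constructed-root-key-for-demo'        # constructed sample value
blank    = mint(ROOT_KEY, 'session-42')           # keep server-side: equivalent to the key for this id
issued   = add_caveat(blank, 'account = alice')   # attenuate before handing out
wire     = serialize(issued)                      # this string is all the client sees
puts wire
```

Issuing only macaroons that already carry the intended caveats keeps the blank signature, and with it the ability to mint arbitrary caveats for that identifier, on the server.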

Thanks for the clarification, I'm closing this issue.