[Python-ideas] Specification of procedures to store cryptographic secrets

[Greg Ewing]

desnacked at riseup.net wrote:
> Antoine said that cryptographic secret wiping could be achieved if one
> uses bytearrays carefully and then overwrites their contents after use. I
> agree that this sounds reasonable, but I think it would be even better if
> that was a documented property of bytearrays.

I think to fully guarantee that you would need a promise
from the OS that overwriting a particular piece of your
virtual address space removes all evidence of that data
from swap space, etc. I don't know whether any current
OSes provide that kind of guarantee.

-- 
Greg