From cfe36679d94f673a05d90ba3cd74da4a7efbac71 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 10 Aug 2021 10:26:16 +0200
Subject: TODO: erase secrets from heap/stack after use

Closes #7268
---
 docs/TODO | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'docs')

diff --git a/docs/TODO b/docs/TODO
index 83939c0b7..d804eb6e1 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -46,6 +46,7 @@
  1.28 FD_CLOEXEC
  1.29 Upgrade to websockets
  1.30 config file parsing
+ 1.31 erase secrets from heap/stack after use
 
  2. libcurl - multi interface
  2.1 More non-blocking
@@ -433,6 +434,15 @@
 
  See https://github.com/curl/curl/issues/3698
 
+1.31 erase secrets from heap/stack after use
+
+ Introducing a concept and system to erase secrets from memory after use, it
+ could help mitigate and lessen the impact of (future) security problems etc.
+ However: most secrets are passed to libcurl as clear text from the
+ application and then clearing them within the library adds nothing...
+
+ https://github.com/curl/curl/issues/7268
+
 2. libcurl - multi interface
 
 2.1 More non-blocking
-- 
cgit v1.2.1