[...]

Everything stored in the Keychain is encrypted.  
You should really read the Keychain overview documentation in the  
Xcode documentation browser, or online at the ADC website. 

 —Jens  
 

Title: Re: Where does the login name and password are stored 







 Thanks for the reply. 

Is there a Keychain API which does the password encryption?

[...]



  

[...]

There is no way to explicitly disable CRL checks (at all). There is a way for force it *on* for a particular validation, but not off. (Yes, that's on purpose.)

CRL validation is done if the user preference is on *and* the certificate has a CRL Distribution Point extension. [...]

[...]

And before you prompt the user for his password and store it *anywhere* (keychain or not), please make an effort to make do without this. How you might go about this depends a lot on what you need it for, of course. A good approach in many cases, is to arrange for a derived secret (some key or secondary password) that is only valid for the interaction you require, and store *that* instead of the primary user password, which is rather more valuable (because users tend to reuse them in all kinds of dangerous places).

Cheers
  -- perry 

Dear all,  
My application's code is signed with a self-signed Code Signing  
Certificate. Upon launch, it checks for its own integrity by running  
codesign against itself. This works fine for most users, but for some  
of them codesign returns a "can't find appropriate CRL" error. [...]

[...]

NSUserName() returns the username. As far as I know, there is no way  
to get the password, for security reasons. You should prompt the user  
for their LDAP password, then use the SecKeychain APIs to save the  
password; that way the user only has to enter it the first time the   [...]