Sanitize memory and CPU registers for sensitive data #17046
Description
As part of exploit mitigation (#15179), it's important to be able to securely wipe sensitive data like cryptographic keys (especially for perfect forward secrecy) as soon as it is no longer needed. This avoids data leaking because of unsafe code with memory leaks (e.g. Heartbleed), arbitrary code execution, suspend to disk, cold boot attacks…
This implies that memory (data copies) should be cleaned with a function like the C11 memset_s or OpenBSD explicit_bzero (guaranteeing that the compiler will not optimize it away and do nothing), and that variables should be declared with something like the C volatile to avoid side effects. The memory should also be marked as not swappable. Processor registers that manipulate sensitive data should be explicitly cleaned as well.
Good article on the subject: http://benpfaff.org/papers/shredding.html/index.html
Nice post explaining the problem with CPU registers: http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html
It would be handy to be able to annotate types (e.g. PrivateKey) with an attribute like #[sensitive]. Rust's runtime could then take care of cleaning data footprints after a variable's end of life or an explicit drop call, and all CPU registers used. This could be tricky…
cc @DaGenix
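A library-level approximation of the wipe-on-drop part of this request, as an added example that is not part of the original issue or of Rust's own code: a key type whose Drop zeroes its bytes with volatile stores. The names wipe, expose and drop_leaves_zeroes and the 32-byte layout are assumptions made for illustration.

```rust
use std::mem::MaybeUninit;
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Zero `buf` with volatile stores, which the compiler may not elide
/// even though the buffer is never read again (hypothetical helper).
pub fn wipe(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        // SAFETY: `b` is a valid, aligned, exclusive reference to a u8.
        unsafe { ptr::write_volatile(b, 0) };
    }
    // Stop the compiler from reordering other memory accesses across the wipe.
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical stand-in for a type annotated `#[sensitive]`.
#[repr(transparent)]
pub struct PrivateKey {
    bytes: [u8; 32],
}

impl PrivateKey {
    // The caller's array and every move of `Self` can leave copies on the
    // stack that this type cannot reach; only the final location is wiped.
    pub fn new(bytes: [u8; 32]) -> Self {
        PrivateKey { bytes }
    }
    pub fn expose(&self) -> &[u8; 32] {
        &self.bytes
    }
}

impl Drop for PrivateKey {
    fn drop(&mut self) {
        wipe(&mut self.bytes);
    }
}

/// Drops a key in place inside storage we still own, then reports
/// whether every byte of that storage reads back as zero.
pub fn drop_leaves_zeroes(seed: u8) -> bool {
    let mut slot = MaybeUninit::new(PrivateKey::new([seed; 32]));
    // SAFETY: `slot` holds an initialized PrivateKey, dropped exactly once.
    unsafe { ptr::drop_in_place(slot.as_mut_ptr()) };
    // SAFETY: `slot` still owns the storage and all 32 bytes are initialized.
    let after = unsafe { ptr::read_volatile(slot.as_ptr() as *const [u8; 32]) };
    after.iter().all(|&b| b == 0)
}

fn main() { assert!(drop_leaves_zeroes(0xA5)); }
```

This covers only the final memory location of the value; copies left by moves, CPU registers and swapped-out pages, all raised in the issue, are outside what a Drop implementation can reach.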