You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We [1] generally agree that passwords on JKS / PKCS#12 files solve no problems in any practical threat model when using cert-manager or trust-manager. That can be incredbly unintuitive for users who see the word "password" and assume it must be a security feature.
We should document why we take the position that this is not a meaningful security feature on the website, so we can refer people to that text.
[1]: This was discussed in our standup on 2023-11-17
The text was updated successfully, but these errors were encountered:
We [1] generally agree that passwords on JKS / PKCS#12 files solve no problems in any practical threat model when using cert-manager or trust-manager. That can be incredbly unintuitive for users who see the word "password" and assume it must be a security feature.
We should document why we take the position that this is not a meaningful security feature on the website, so we can refer people to that text.
[1]: This was discussed in our standup on 2023-11-17
The text was updated successfully, but these errors were encountered: