Hacker News new | past | comments | ask | show | jobs | submit login

PD and secrets are not the same thing. You can be following all technical best practices regarding secret management and still fuck this one up.

You got downvoted because storing encrypted secrets is fine.




> storing encrypted secrets is fine

Only until/unless the encryption is broken. I wouldn’t store long-lived secrets even encrypted in a public place.


"You got downvoted because storing encrypted secrets is fine."

Storing where?


... in version control. The response is intended to be read in context of the sentences above it.


The security and integrity of data shouldn't rely on itself to prove such.. imagine trying to store a checksum within the data it represents for instance.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: