Add reference for the transport key

Registered by Ade Lee

Transport keys are used to ensure that the secret is pre-encrypted in such a way that only the client and the back-end store can decrypt it. This is for users who do not trust Barbican but do trust the back-end secret store, or for those who need FIPS- and CC-certified components.

Currently, the client gets the transport key from Barbican. If the client does not trust Barbican, this is a potential vulnerability. We need to add the ability for the client to retrieve the transport key directly from the back-end store.

Blueprint information

Status: Not started
Approver: Douglas Mendizábal
Priority: Medium
Drafter: Ade Lee
Direction: Approved
Assignee: None
Definition: Approved
Series goal: Proposed for liberty
Implementation: Unknown
Milestone target: None
