Security: 3.19 Tracking issue
Created by: chayim
Plan
Achieve RFC 196 in support of Goal 2: Store and handle external service and external account secrets securely.
Availability
Period is from July 20th to August 19th (23 working days). Please write the days you won't be working and the number of working days for the period.
- @chayim: 19d (off Aug 10-13)
Tracked issues
@ElizabethStirling
-
Send new users (added by site admin) the password reset URL over email #1519
@Unassigned
-
Implement a DBEncryptionStore supporting the database back end #12267
@chayim
-
Create a dedicated token object that can be used as part of the per deployment encryption #12410 -
Separate Secrets Access from Secrets Storage #12165 -
Implement Schema for Secrets Storage #12164 -
Create a dedicated token object for returning the raw and masked tokens #12268 -
Key Rotation Should Re-encrypt objects at rest #12269 -
Update repo_update code to use encrypted store #12264 -
Migrate secrets from JSON blobs to encrypted storage #12263 -
Create an automatic migration for existing data #12265
@daxmc99
-
Generate unique keys on a per deployment basis #12409 -
Create a dedicated token object that can be used as part of the per deployment encryption #12410 -
Key Rotation Should Re-encrypt objects at rest #12269 -
Create a dedicated token object for returning the raw and masked tokens #12268 -
Create an automatic migration for existing data #12265 -
Update repo_update code to use encrypted store #12264 -
Migrate secrets from JSON blobs to encrypted storage #12263