← Back to context

Comment by viraptor

7 years ago

Another use case I don't know a replacement for is offline team+deployment secrets. Requirements:

- you need team members to read/write the secrets

- you need the deployment service to read the secrets

Without using an online system managing the secrets via ACLs + auth, I don't know how to replace PGP here.

what's wrong with an online system managing the secrets? KMS is great, and makes it easy to separate decrypt from encrypt permissions.

(KMS is not the only option! I'm just trying to eke out why you think that's valuable. For example, I think age, mentioned in the blog post, is a direct replacement?)

  • It has to be online. And reliable. And you can run into rate-limiting. And you have to be online. And services using it need extra network configuration to allow access. And if you can't narrow it down to a single ip/block you have a service with full network access just to reach out to a KMS.

    • KMS historical downtime is pretty great, rate limits have been bumped quite a bit to the point where I seriously doubt you're hitting them for secrets management, I'm not sure you can do a lot of useful things with most secrets while you're offline, KMS has a VPC endpoint and an Internet endpoint, so you can do both variants of the tight network scoping you want.

      (And, again, age once that's around :-))