-
# Table of Contents
1. [Background](#background)
2. [Option 1: Obligations as a separate policy construct](#option-1-obligations-as-a-separate-policy-construct)
3. [Option 2: Obligations via flag…
-
I would like to make sure our testing covers security cases, notably bugs which could result in denial of service conditions. As part of onboarding to the code I will look for opportunities for fuzzi…
-
# Problem Statement
Most of our SQL queries are dynamically generated using [squirrel](https://github.com/Masterminds/squirrel) to build the queries at runtime. The [sqlc](https://github.com/sqlc-…
-
### Background
If the configuration for `kas.eccertid` is missing or improperly types in `opentdf.yaml` config (i.e. `123` instead of `'123'`), the `/kas/kas_public_key` endpoint leaks config infor…
-
HSM will not be directly supported in OpenTDF. Downstream projects that want to enable HSM support will need an extension point to configure an external crypto provider.
Acceptance Criteria
* remo…
-
Debug logs should be focused on debugging an issue in the platform. Currently we are logging readiness checks and this adds more noise than value.
```
{"time":"2024-08-30T16:03:18.265200807Z","lev…
-
see equivalent java-sdk issue for details https://github.com/opentdf/java-sdk/issues/153
-
In kas grants, the Local key type is marked as "deprecated". Until it is removed we should still support it.
-
In the go sdk it was detected that a protocol attack could happen by reading an excessively large manifest. We should introduce the same limits within client-web.
Let's do a test that recreates the t…
-
Complexity: 5
Update the javascript sdk to support ZTDF Assertions
* creating assertions
* validating assertions
* reading assertions metadata
This support will also be added to the Golang …