burke
commented
6 years ago I think the file suffix .ejson should be sufficient to communicate that the contents are encrypted. What's the use-case?
Closed yagnik closed 6 years ago
burke
commented
6 years ago I think the file suffix .ejson should be sufficient to communicate that the contents are encrypted. What's the use-case?
yagnik
commented
6 years ago Currently we have around ~100 services, which were using something similar to databags for config. We want to move them to the code but we need only certain keys to be encrypted as opposed to all keys. This is mostly so users can see the content of the most keys except sensitive data. A large part of the use case comes in seamlessly moving them to this.
Currently I have written a wrapper around ejson that does something similar but thought that a feature where you can specify suffix/prefix would be better.
burke
commented
6 years ago I am hesitant to add more features to EJSON. I think security primitive stuff like this is best with strong opinions, especially around which data gets encrypted (e.g. accidentally copying this flag from another repo but not understanding the intent would mean not encrypting any secrets at all!)
Have you considered not using EJSON for stuff that doesn't want to be encrypted? You could have a secrets.X.ejson and a metadata.X.json maybe?
yagnik
commented
6 years ago I do agree with you, unfortunately making that happens means code changes across 100 services which isn't an option right now. I'll stick to using a wrapper for now until we can support multiple files. Thanks !
Currently ejson doesn't encrypt keys starting with _ which can be a good default. We are trying to make it explicit which keys need to be encrypted by using a suffix _encrypted.
Do you think this would be a good idea for ejson as an optional flag ?