Open ahupp opened 1 day ago
Snapshots don’t contain sensitive cryptographic material, as they are built after signature verification. The only cryptographic material they contain is public keys from trusting
annotations.
As such you cannot turn an authorizer into a usable biscuit without the signing private key.
As for logging, you still need to care about PII that might be contained in the biscuit or the authorizer, but that’s a separate concern.
Stating this clearly in documentation would be a good idea indeed.
It's unclear from the docs; can a snapshot be turned back into a usable biscuit? I'm wondering about the contexts it would be safe to log it, and whether I need to attenuate with
check if false;
or something before doing so?