We [1] generally agree that passwords on JKS / PKCS#12 files solve no problems in any practical threat model when using cert-manager or trust-manager. That can be incredibly unintuitive for users who see the word "password" and assume it must be a security feature.
We should document why we take the position that this is not a meaningful security feature on the website, so we can refer people to that text.
[1]: This was discussed in our standup on 2023-11-17