Closed lumjjb closed 3 years ago
Any update on this?
We're currently in the middle of overhauling the SPIFFE/SPIRE docs structure, I think part of that work will be introducing a series of conceptual guides (which we are currently missing). A conceptual guide describing SPIFFE/SPIRE security properties sounds like a great place to publish what we have.
That being said, we're not quite there yet - open to ideas on where/how you'd like to see this? We put links to all the material we have in the CNCF Security Assessment, perhaps we link to that from spiffe.io in the meantime?
Its now linked on github.com/spiffe/spire
During the SPIFFE/SPIRE assessment, there were many very comprehensive documents on threat modeling of SPIFFE/SPIRE. It would be great if these documents are also available on the SPIFFE docs.