On 03/02/2014 08:49 PM, David Anderson wrote:
Greetings,
I've been looking at the crypto that underlies ansible-vault, and I'm
worried. Specifically, it seems to me that the vault as implemented is
not safe for credential storage.
If you haven't read the implementation, this is essentially w
We will be reading over this, thanks.
If I may summarize most of your concern it seems to me you are saying there
shouldn't be a way to verify integrity, because ultimately you will be able
to try passwords via the API regardless as you would have been able to ask
is this a valid password before.
Greetings,
I've been looking at the crypto that underlies ansible-vault, and I'm
worried. Specifically, it seems to me that the vault as implemented is not
safe for credential storage.
If you haven't read the implementation, this is essentially what happens
when you encrypt a file with ansible-va