Heiko on Nostr: During our work towards openpgp-card v0.5 ...
During our work towards openpgp-card v0.5 (https://fosstodon.org/@hko/112520486266094575), we wondered how to deal with secrets in log files.
It's often good if secrets are redacted in logs: This avoids accidental publication of a user PIN (or decrypted payload) in bug reports.
On the other hand, it can be useful for a developer to have full and verbatim logs (including secrets) for debugging.
We started work on this, but would like to hear from you. What should we do?
#smartcard #logging #OpenPGP #debug #RustLang
It's often good if secrets are redacted in logs: This avoids accidental publication of a user PIN (or decrypted payload) in bug reports.
On the other hand, it can be useful for a developer to have full and verbatim logs (including secrets) for debugging.
We started work on this, but would like to hear from you. What should we do?
#smartcard #logging #OpenPGP #debug #RustLang