Matthew Martin β β
π on Nostr: idea- what if we encrypted .env files with the same cryptographic credentials that ...
idea- what if we encrypted .env files with the same cryptographic credentials that prove you have git commit rights? They still shouldn't be checked into git, but it only takes one mistake to accidentally check them in. (and the encrypt + check in solution is vulnerable to offline cracking and key leaks, i.e. an infinite regress problem of a key to get a key to get a key to get a key...)
Published at
2024-07-27 15:07:42Event JSON
{
"id": "0f46c302de19675357e7ba2cf4236731f63e72f923e32a63c48849bf7d4b2e23",
"pubkey": "ece51acfc6c84a5f625a755bed921f6eac6a9daa6f90817047901dbe0231522f",
"created_at": 1722092862,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/mistersql/statuses/112859077813168095",
"activitypub"
]
],
"content": "idea- what if we encrypted .env files with the same cryptographic credentials that prove you have git commit rights? They still shouldn't be checked into git, but it only takes one mistake to accidentally check them in. (and the encrypt + check in solution is vulnerable to offline cracking and key leaks, i.e. an infinite regress problem of a key to get a key to get a key to get a key...)",
"sig": "9ef20ad2442c4258a7f8ee52e50eaad50c9b3fec2d09f1cd551849b0e01fed8745a253f230c12e4f993298cce1f4d1f9bf714ce9ca5622911e159ccbd84f2e4a"
}
