Improved KAS key management tools

Open dmihalcik-virtru opened this issue 1 year ago • 1 comments

We currently don't support KAS key management very well.

  1. Introduce service keys subcommand to otdfctl:
     a. init: similar to current init-temp-keys script, this creates new keys
     b. create: Adds new key or keys of requested type
     c. import: Adds existing keys of the requested type
  2. These keys update the opentdf.yaml file with the new key information.

Things to think about:

  • the keys should be stored in JWK sets
  • all keys must be compatible with existing clients
  • should be an opentdf subcommand set, to simplify deployment
  • must work on Windows

Subtasks:

  • [ ] #1085
  • [ ] #894
  • [ ] #778
  • [ ] #769
  • [ ] #616

dmihalcik-virtru, Aug 07 '24 16:08

This is currently blocked by the key management ADR. Moving to BLOCKED until that is complete.

cassandrabailey293, Oct 03 '24 19:10