> > Yes, this needs to be done. The credentials for this stuff should be > just fetched from wherever one wants. 100% agree with that and that > maybe next iteration on top of that, should be rather easy. This was > done in CEP-9 already for SSL context creation so we would just copy > that approach here, more or less. > > I do not think you need to put the key in the yaml file. THE KEY? Why? > Just a reference to it to read it from the beginning, no? > > What I do find quite ridiculous is to code up some tooling which would > decrypt credentials in yaml. I hope we will avoid that approach here, > that does not solve anything in my opinion.
+1 I think key management will be the main correctness challenge with this, tooling will be the usability challenge, and the JVM will be the performance challenge ... -Joey