Re: [Cryptography-dev] Key storages

2016-12-19 Thread Paul Kehrer
This sounds like a good idea for a package that depends on cryptography, but not in cryptography itself. If you decide to do that please let me know as I'd love to see it! -Paul Kehrer (reaperhulk) On December 19, 2016 at 3:19:08 PM, Alex Gaynor (alex.gay...@gmail.com) wrote: I'm opposed -- ther

Re: [Cryptography-dev] Key storages

2016-12-19 Thread Alex Gaynor
I'm opposed -- there's no benefit to this being in cryptography itself; this API can be totally implemented outside of it. Alex On Mon, Dec 19, 2016 at 4:17 PM, Boris Bobrov wrote: > Hi! > > I work on OpenStack Keystone. We use Fernet keys for our tokens. A > token is basically a tuple encryp

[Cryptography-dev] Key storages

2016-12-19 Thread Boris Bobrov
Hi! I work on OpenStack Keystone. We use Fernet keys for our tokens. A token is basically a tuple encrypted with a Fernet key. Fernet keys need to be rotated once in a while. Now we store them on disk. But it is problematic to rotate them in containers, because containers are supposed to be immut