Love your presentation and organization! you have mastered the virtual meeting and how to effectively communicate with the team! I’ll try to apply these techniques to my meetings moving forward.
What were the main reasons the Secret Management was created as a library and not automatically in the core and worst case create an interface for 3rd party vaults to register to the engine. Wouldn't that be more secure?
Hey Arie - I think that question was at least *partly* answered in the video (11:20) where they showed support for local and remote vaults - including many third parties. I'm particularly excited about having this option. I can only guess that the reason for this module being non-core is that it came along about PS5.1, and I'd imagine integrating it into core would probably be a lot more lift/work *and* might force users to install features they don't need. [I happen to agree that this *should* be available by default, but I also respect the realities of adding features to a long-lived application] 😊
@@h3techsme Not that much. By definition as 5.1 is "feature complete" so I can understand a library there. Maybe. I don't think the user base that do need a secure store, didnt already made sure to have a solution and based on the numbers, it really doesn't make sense to invest in this for 5.1 sake. For ps 7.x+, it means, potentially, devs of the core might introduce changes that will break the integration with the library. I dont think it has to do with lifting it as its based on .Net core secure libraries to allow this to work. Like you, I think at least the local SecretStore should come out of the box and then create an interface for 3rd party stores. Security should come by default, not as an addon.