Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
miohtama
on Oct 14, 2022
|
parent
|
context
|
favorite
| on:
Toyota suffered a data breach by accidentally expo...
There is already RTC 8958 Secret token scheme for this, so you do not need to invent your own prefix
https://datatracker.ietf.org/doc/html/rfc8959
throwaway290
on Oct 14, 2022
[–]
I see this standard linked here a lot. Did anyone read it though? It only helps with identifying whether a string is a secret, not at all the service or environment where the secret applies.
miohtama
on Oct 14, 2022
|
parent
[–]
If any value does not natively support secret token sceme, you can apply secret-token: prefix and then strip it during the usage.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
https://datatracker.ietf.org/doc/html/rfc8959