Paul Higinbotham

This is not expected. Please see comment: https://github.com/PowerShell/SecretStore/issues/61#issuecomment-829370586

Microsoft, of course, cannot make any security guarantees for third party vault extensions. I think trust will have to come through community involvement, with code reviews and security reviews.

Both SecretManagement and SecretStore currently only work with accounts having profiles, which determine the location and security of registry, configuration, and store files needed for the implementation. Consequently, SecretManagment and...

I am removing WG-Remoting tag because this is not a remoting issue. If you want a secure remote session, you should use: ```powershell SessionType = 'RestrictedRemoteServer' ``` And remove the...

@CarloToso My apologies. We let this sit too long and another PR has made these same changes (#18795). Since the change has already been made, I will close this as...

Invoke-Command already supports fan-out scenarios, so in this case you don't need to use ThreadJob. ```powershell $resultsJob = Invoke-Command -Cn @('computer1','computer2','computer3',...) -FilePath .\GatherData.ps1 -ThrottleLimit 25 -AsJob ``` But if you...

No, there is a lot more involved for signatures. But .NET Crypto APIs is a step in the right direction.

@SSvilen Thanks, I am back in office now. I am glad that this helps, but as we discussed this is really something that should be addressed in a blog. I'll...

SecretManagement allows an extension vault to be registered multiple times, because it is possible that an extension vault may support different contexts via the registration `VaultParameters`. However, the `SecretStore` vault...

Sounds like there is a need for multiple store instances. Adding PS-Committee review for visibility. /cc: @SteveL-MSFT, @SydneyhSmith