utils icon indicating copy to clipboard operation
utils copied to clipboard

Published 20 hours ago verified publisher icon RustCrypto

zeroize: add a big fat warning that it's a low-level primitive

Open Shnatsel opened this issue 2 years ago • 1 comments

zeroize is a low-level crate and does not guard e.g. against implicitly copying the value. However, people sometimes assume that it does: https://benma.github.io/2020/10/16/rust-zeroize-move.html

While secrecy crate is recommended in the docs, it's buried below the sales pitch. Perhaps a big warning right at the top that zeroize is a low-level crate and most people should use secrecy instead would prevent such misunderstanding.

Shnatsel avatar Nov 05 '21 14:11 Shnatsel

Could you provide a complete blurb you'd like to see added, and make suggestions as to where it should go relative to the other parts of the documentation? Possibly open a PR?

Much of what you're describing is already covered in the already voluminous existing documentation, however it's buried at the bottom and it sounds like you'd like it closer to the top?

tarcieri avatar Nov 05 '21 14:11 tarcieri

I think we can close this issue. We will be happy to receive documentation improvement PRs.

newpavlov avatar Mar 01 '24 12:03 newpavlov