Alexander Scheel

See also https://discuss.hashicorp.com/t/hcsec-2024-07-vault-tls-cert-auth-method-did-not-correctly-validate-ocsp-responses/64573

@DanGhita This is rather complicated; let's chat about this one online sometime. I have a reproducer, and while I conceptually know the fix, fixing this doesn't really accomplish much, IMHO....

Hello @IohannesArnold! Great to hear. Give me a couple of weeks and I think I can put together two different proposals for how this can be implemented. With no offense...

Yes, that's definitely a direction I see. Many of the issues with e.g., multi-unseal could be solved by making Vault only single-seal aware, but making a backend library handle the...

Thanks @IohannesArnold! If you want to take a stab at it in g-k-w, it might be valuable to have anyways. I've used that library in the past and I think...

\o Hello @hixichen, Thanks for the issue! This came at a good time, as we are considering a GA roadmap as a community; we welcome any additional thoughts you might...

\o hello again @hixichen! > The simplicity and generic interface of the KV model restricts transactional capabilities since a single Vault write operation necessitates multiple write calls. Just to clarify,...

AFAICT, the phrase `porkbun` does not include in our source tree. I suspect what has happened is at one point, someone accessed `openbao.org` earlier in the domain's lifetime from LinkedIn,...

We might want to have a discussion as a community about this one later, perhaps at this week's call @naphelps. One of the reasons why I wanted to remove this...

@alberk8 if it is wire compatible, I assume there would be no work to do? You can find the old backend here: https://github.com/openbao/openbao/blob/before-plugin-removal/physical/postgresql/postgresql.go