Josh Grossman
Josh Grossman
Ok so let me have one more try, I think doing this for every library is unrealistic as it means every library being separated from every other library. @elarlang |...
> Let's distance from the wording and reset to the beginning: what is the application security problem to solve or address with this requirement? In the most sensitive applications, we...
I agree with the concept but I think this needs to be part of how sensitive data is defined and protected. I think we should push this until the big...
So having thought more about it, I don't love this because it would lead to us being very prescriptive and requiring a specific type of protection. Practically speaking there may...
I saw the email and I understand the importance of database level encryption. The problem is that we end up with a requirement like: "Use database level encryption for sensitive...
- 1.6.3 - The requirement is about key/password rotation. The type of data doesn't matter. We could also just say data without changing the meaning of the requirement. - 1.6.4...
Perfect, thanks very much!
> I don't know what kind of validation mechanisms you have used or using right now but I'd like to help for the updates if I can. Check your email...
This is now merged to both the master and v5.0.0 branch