Haven't read the thread - will do next week (traveling atm)

But one thing I noticed:

On Wednesday, April 16, 2014, Bruno Oliveira <bruno@abstractj.org> wrote:
Ahoy, answers inline


> And second question, I know Security is not often a good mate with UX but ,
> the console will never show the master/variant secret anymore ?

Also correct. There is nothing set in stone, it's just a proposal, because
atm anyone with read access to the database could impersonate push
applications.

I think we would need to continue having IDs/secrets visible on the UI.

IMO it's very hard to use the Push server w/o that information; again, I didn't read the entire thread yet.

Perhaps we could hide the key (***************) for read-only users, but I think the overall concern is having them in the DB. My guess is that we need to have them stored in the DB.

-Matthias

Another alternative would be to have a single key to the
whole database and only derive the IV, but that would defeat the purpose.

In addition I discussed the possibility of making use of vaults from
Wildfly, but it's not ready yet
(http://lists.jboss.org/pipermail/security-dev/2014-April/001557.html).
It's only available for datasources. That's why I would like to hear about
the impact of this change and why the master secret/secret must be
persisted.

--
abstractj

--
Sent from Gmail Mobile