|
|
|
|
|
|
by franky47
1244 days ago
|
|
|
Slight typo in https://infisical.com/docs/security/overview: x2519-xsalsa20-poly1305 should be x25519-xsalsa20-poly1305 (PR submitted). You mention password-based encryption of user private keys, do you have more information on how it's done? I can think of a famous "secret manager" that got this very wrong recently. Also, when you have the time, consider adding a security.txt [1] to your main website so security researchers know how to report vulnerabilities. [1] https://securitytxt.org/ |
|
|