by dikei 1163 days ago
KMS is often used to store KEKs only; you'd still have to create and manage DEKs and use AEAD for actual data encryption.
1 comments

Depends. These days KMS also extends to solutions that provide full-on encryption as a service, such as Vault. If your design allows for a trusted and well-vetted EAAS solution to be used, that should be the first you go for.
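The split described in the first comment (the KMS holds only the KEK, the application creates DEKs and encrypts data with an AEAD), as an added example that is not part of the thread. `LocalKms` is a hypothetical in-process stand-in for a real KMS, and AES-256-GCM with the record id as associated data is an assumed choice.

```javascript
const nodeCrypto = require('node:crypto');
const GCM = 'aes-256-gcm', NONCE = 12, TAG = 16;

// seal: returns nonce || tag || ciphertext. aad is authenticated but not encrypted.
function seal(key, plaintext, aad) {
  const nonce = nodeCrypto.randomBytes(NONCE);
  const c = nodeCrypto.createCipheriv(GCM, key, nonce, { authTagLength: TAG });
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), ct]);
}

// open: reverses seal; throws if the key, the box or the aad differ from what was sealed.
function open(key, box, aad) {
  if (box.length < NONCE + TAG) throw new Error('ciphertext too short');
  const d = nodeCrypto.createDecipheriv(GCM, key, box.subarray(0, NONCE), { authTagLength: TAG });
  d.setAuthTag(box.subarray(NONCE, NONCE + TAG));
  d.setAAD(aad);
  return Buffer.concat([d.update(box.subarray(NONCE + TAG)), d.final()]);
}

// Hypothetical KMS stand-in: the KEK never leaves this object, callers can only wrap/unwrap.
class LocalKms {
  #kek = nodeCrypto.randomBytes(32);
  wrap(dek, context) { return seal(this.#kek, dek, context); }
  unwrap(wrapped, context) { return open(this.#kek, wrapped, context); }
}

// Fresh DEK per record; only the wrapped DEK and the ciphertext are stored.
function encryptRecord(kms, recordId, data) {
  const context = Buffer.from(recordId);
  const dek = nodeCrypto.randomBytes(32);
  const envelope = { wrappedDek: kms.wrap(dek, context), ciphertext: seal(dek, data, context) };
  dek.fill(0); // best-effort wipe of the plaintext DEK
  return envelope;
}

// Unwrap the DEK through the KMS, then authenticate and decrypt the data locally.
function decryptRecord(kms, recordId, envelope) {
  const context = Buffer.from(recordId);
  const dek = kms.unwrap(envelope.wrappedDek, context);
  try { return open(dek, envelope.ciphertext, context); } finally { dek.fill(0); }
}

// Constructed sample input; the record id doubles as the AEAD associated data.
const demoKms = new LocalKms();
const demoEnv = encryptRecord(demoKms, 'user:42', Buffer.from('constructed sample record'));
console.log(decryptRecord(demoKms, 'user:42', demoEnv).toString());
```

Binding the record id as associated data on both the wrapped DEK and the ciphertext means an envelope copied onto a different record fails authentication instead of decrypting.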