> *KeywhizFs is a FUSE-based file system, providing secrets as if they are files... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		staunch on April 21, 2015 \| parent \| context \| favorite \| on: Keywhiz: Square's system for distributing and mana... > KeywhizFs is a FUSE-based file system, providing secrets as if they are files in a directory. Transparently, secrets are retrieved from a Keywhiz Server using mTLS with a client certificate. I hope this doesn't bring their entire infrastructure tumbling down when a network problem causes processes to block while reading from the mount point.

bigmac on April 21, 2015 [–]

There's an in-memory cache that keeps the secrets locally even when the server disappears either due to downtime or network issues.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact