You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have contacted Eric Maydeck, who can access the FxA VAPID public and private key data. Even though these keys are public facing data, we should still consider them reasonably sensitive (they could be used to identify traffic in flight) so they should not be exposed outside of SRE control.
Part of #739 ( https://github.com/mozilla-services/autopush-rs/pull/739|smart-link ) includes instructions on how to convert the VAPID public PEM file to an x962 “raw” format that can be included as part of the deployment settings. (This conversion need only happen if/when the FxA VAPID key changes, which is a very infrequent event.)
Collect the VAPID Public key information for all trackable message generation providers.
┆Issue is synchronized with this Jira Task
The text was updated successfully, but these errors were encountered: