Do you work in, or are you passionate about, application security (ie OWASP) or infosec?
Then we’d really appreciate your advice and guidance on a design pattern we’re considering to store Skill Settings - settings used to provide functionality for Skills - such as OAuth credentials or say login credentails - on home.mycroft.ai.
Ideally we’d like to encrypt the credentials on both the server and the Device (the Device - such as a Mark 1 - pulls the Skill Settings down from home.mycroft.ai).
Has anyone done something like this before? What would you recommend? Does key management make it harder?
Thanks in advance for any suggestions you may have.