Skip to content

After all PR close: Verify machineKey decryptionKey have been remediated #34369

New issue
New issue
Closed
Closed
After all PR close: Verify machineKey decryptionKey have been remediated#34369
Assignees
Rick-Anderson
Labels
sfi-adminSFI-Admin
@Rick-Anderson

Description

@Rick-Anderson
Rick-Anderson
opened on Dec 13, 2024

Once #34365 is closed:

  • Validate all locals of machineKey decryptionKey have been remediated
  • Do a robust search to determine no literal keys remain.
    use this regex for the search:
    \b(validation|decryption)Key\s*=\s*\"[A-Fa-f0-9]{2}

This should eliminate false positives like <machineKey decryptionKey="AutoGenerate,IsolateApps" />. Such false positives seem to be fairly prevalent and would pollute a simple <machineKey substring search.

Metadata

Metadata

Assignees

Labels

sfi-adminSFI-Admin

Type

No type

Projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions