Protecting infrastructure secrets with Keywhiz from Square

Hi, First of all looks like an amazing project so thanks! You mention key rotation but I think I might have misunderstood what you're talking about. Let's say I have a symmetric key and I want to change it, in a CD environment there is a short period where you need to support two keys. How does KeyWhiz fit in there? If it doesn't I'd really like to understand what you meant

I&#x27;d love to hear from some of the team who built this about differences between Keywhiz and Keyczar, which to my mind was the best-practice open-source cross-platform solution to date (i.e. if you&#x27;re not relying on things like AWS Cloudformation config or Heroku config vars to &quot;manage&quot; secrets).<p>Obvious pieces to me appear to be (1) roles and auditability (2) end-user front-end (3) filesystem interface &amp; associated ease of access for various services. But I&#x27;m not an expert!

This is a good talk on (what I believe to be) this software: <a href="https:&#x2F;&#x2F;www.slideshare.net&#x2F;diogomonica&#x2F;bletchley" rel="nofollow">https:&#x2F;&#x2F;www.slideshare.net&#x2F;diogomonica&#x2F;bletchley</a>