key-management.md: Add a note deprecating unescorted ed secrets

2023-05-18 11:11:58 -04:00 · 2023-05-18 11:11:58 -04:00 · d75b4af0f1
parent 82801d9963
commit d75b4af0f1
1 changed files with 1 additions and 0 deletions
--- a/doc/dev/notes/key-management.md
+++ b/doc/dev/notes/key-management.md
@ -23,6 +23,7 @@ let intro_auth_key_spec: HsClientSecretKeySpecifier =
    (client_spec, hs_id, HsClientKeyRole::IntroAuth).into();

 // Get KP_hsc_intro_auth
+// TODO #798, TODO HS: We should not use "unescorted" ed25519 secrets.
 let sk: Option<ed25519::SecretKey> = keymgr.get::<ed25519::SecretKey>(&intro_auth_key_spec)?;

 // Alternatively, instead of returning a type-erased value, KeyStore::get could return a `Key`