Problem Statement
- The sentitive sensitive information, like datastore credentials, WiFi Passwords etc., are in clear-text format inside the configuration blob, received from EVE Controller. The sensitive information is exchanged between agents in the EVE node, as is through pubsub channel.
- The sensitive information should be in cypher text format inside the configuration blob for EVE node. A set of APIs will be provided to the EVE agents to decrypt them.
- The sensitive information exchange between the EVE Controller and EVE Node should be encrypted end-to-end, in man-in-the middle proxy deployments also.
- There encryption methodology for this, should also work with third-party CA verification
...