f-board | first open source multiple facebook account 's management

would like to share my candid response in a manner that I deem fit. These are just my personal views.

A DevOps engineer is an integral part of any technology company, which is nurtured with trust and longevity. In terms of safety & security, they know all the weaknesses of the Development team (code) - and possible ways it can compromise the system. SSL is a very tiny piece in the big picture. One should be concerned for N number of other possible vulnerabilities in their system.

Every DevOps engineer chose to be one - because they love how cloud computing and the complexity of a secure network. They religiously ensure security & safety of the entire system 24X7 - in their best capacity. We value associations over petty money/disputes - and we lead an ethical life and not just act ethically on the work front. To add to this - I being one myself - I know how much effort, hard work, dedication and most importantly Time is required to gain client’s trust - I would never imagine throwing all my life work, just like that.

Coming back to a possible solution to your problem - pick up a team or an individual whom you TRUST - ask them to revisit the entire network and secure any vulnerabilities, if any. Changing the SSL would be recommended along with resetting all the passwords.

What I think you may be looking for is called splatting

If you define your parameters in a hashtable, you can pass them as parameters when you use @ as a splat operator. (Note that @ has other uses besides being the splat operator.)

This can be done with a federated ID.

This ID can be used to sign up for Bluemix only if your company has already worked with IBM to register. Registering a company's domain with IBM enables users to log in to IBM products and services by using their existing company user credentials. Authentication is then handled by your company's identity provider. When you log in to Bluemix with a federated ID, you are prompted to log in through your company's login page. For information about requesting to register your company or organization's domain with IBM, or for more information about the process, see IBMid Enterprise Federation Adoption Guide External link icon. An IBM sponsor, such as an offering advocate or client advocate, is required when you request to register federated IDs.

Link: https://console.bluemix.net/docs/admin/account.html

Taken from https://www.vaultproject.io/docs/concepts/seal.html:

1. "Under normal circumstances, does the Vault stay in an unsealed state?" -

When a Vault server is started, it starts in a sealed state. In this state, Vault is configured to know where and how to access the physical storage, but doesn't know how to decrypt any of it.

Unsealing is the process of constructing the master key necessary to read the decryption key to decrypt the data, allowing access to the Vault.

Prior to unsealing, almost no operations are possible with Vault. For example authentication, managing the mount tables, etc. are all not possible. The only possible operations are to unseal the Vault and check the status of the unseal.

1. "Is the purpose of sealing to off-board staff to rotate keys and in case of an intrusion?" -

This way, if there is a detected intrusion, the Vault data can be locked
quickly to try to minimize damages. It can't be accessed again without access to the master key shards.

1. "since if it dies the Vault will seal?" - yes.