Hello all,

We've put together a proposal for Securing Service Instance Credentials [1]

Security Officers and Cloud Foundry / Service Operators want to meet
security best practices and their internal policies with respect to the
creation, storage, and delivery of credentials to applications for use in
accessing services while minimizing effects on developer productivity.

The proposal details a workflow and separation of responsibilities in which
Service credentials can be stored in CredHub rather than the Cloud
Controller component of Cloud Foundry.

We'd like to be able to iterate on this document quickly, so please keep
your input and feedback in the comments of the document.

Thanks!
Dieu
CF Runtime PMC Lead


[1] https://goo.gl/p1oxh7