Could anyone help me understand the `secrets cookie` and `se

Question

Could anyone help me understand the `secrets cookie` and `secrets cipher` parameters in kratos configuration What algorithm does kratos use for encrypting cookies How to securely generate these secrets and how frequently should we rotate them Pointing to the code will help too I don t find a lot of details in the reference section Thanks

polite-electrician-27480 · Answer

seems like kratos is using AES for encryption and using the library <https github com gtank cryptopasta>

polite-electrician-27480 · Answer

But then I don t understand how will one provide the key in bytes in a config string Bytes are not all printed chars

polite-electrician-27480 · Answer

and what are we encrypting using `secrets cipher`