VC-I-2 — PKCS#11 HSM PIN exposed in YAML config
Component: vc Platform. Mitigations: Documented risk; operators advised to use secrets manager. Action: Provide vault/env-var integration for HSM PIN per GEN-7.5-02
| Property | Value |
|---|---|
| Section | Information Disclosure |
| Owner | operator |
Mapped Controls
| Control | Title |
|---|---|
| SID-KEY-02 | IACA Certificate Management |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md