Security
This section will document security configuration and best practices for SAPL deployments.
Planned Topics
- TLS configuration: Configuring transport-layer security for PDP server and client connections
- Certificate management: Managing server and client certificates
- Bundle signing and verification: Cryptographic signing of policy bundles, key management, verification workflow
- Secrets management: Subscription secrets, PDP-level secrets,
pdp.jsonvariables, and the three-level priority chain - Secure-by-default philosophy: SAPL’s approach to failing closed and defense in depth
Planned content. This page will be expanded with configuration examples and deployment guides.