Request for cryptographic mechanisms used in cert-manager-trust-manager #848
Description
Hi cert-manager team,
As part of a security documentation update, we are creating a Cryptographic Bill of Materials (CBOM) and would like to understand the cryptographic mechanisms used by cert-manager-trust-manager.
Specifically, we are looking for clarification on:
The types of cryptographic material handled (e.g., CA certificates, trust bundles, mTLS)
The cryptographic algorithms involved
The source or storage location of this material (e.g., Kubernetes Secrets, ConfigMaps, external trust sources)
The purpose of each cryptographic mechanism (e.g., trust distribution, certificate validation, secure internal communication)
Any confirmation or references to official documentation would be very helpful for our compliance records.
Thank you for your time and support.