I agree with Dan that #2+#3 is the reasonable route forward if we want to leave this functionality enabled or leave a "soft landing" for people while they work on different results.
I do not thing #3 by itself would be enough to mitigate the concern entirely for all threat models (e.g.; a public cloud).
I agree with Dan that #2+#3 is the reasonable route forward if we want to leave this functionality enabled or leave a "soft landing" for people while they work on different results.
I do not thing #3 by itself would be enough to mitigate the concern entirely for all threat models (e.g.; a public cloud).