APIs in commons that use or manipulate cryptographic secrets should use the new commons secrets API that has been added in order to do so. This should make integration into products simpler.
Existing APIs that deal in raw (byte, Key, etc.) secret values should be removed.
- All APIs that use cryptographic secrets should be switched to use the Secrets API
- The only remaining APIs that use raw secret values are those for which integration is made difficult in products. Those APIs should be marked as deprecated.