[Openid-specs-ab] [openid/connect] provide key rollover guidance (issue #704)
Brian Campbell
issues-reply at bitbucket.org
Mon Jan 21 22:36:29 UTC 2013
--- you can reply above this line ---
New issue 704: provide key rollover guidance
https://bitbucket.org/openid/connect/issue/704/provide-key-rollover-guidance
Brian Campbell:
Though not captured exactly in the notes http://lists.openid.net/pipermail/openid-specs-ab/Week-of-Mon-20121231/002773.html one of the action items (as I understood it) was for Mr. Bradley to draft some text describing how to accomplish rolling keys given the constructs provided by connect. That was nearly three weeks ago, however, so I'm submitting the ticket on his behalf.
I think https://bitbucket.org/openid/connect/issue/703/key-publication-needs-to-be-reworked needs to be resolved first. Then working though the details of how kid (and maybe x5t) and the x509 and jwk endpoints can be used to rotate keys would be a useful exercise to validate that and might help provide some guidance to implementers and deployers too.
--
This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.
More information about the Openid-specs-ab
mailing list