[Openid-specs-ab] HTTPS JWKS style key rotation for SAML/XML-DSig
Brian Campbell
bcampbell at pingidentity.com
Fri Jun 26 15:43:26 UTC 2015
This document <https://goo.gl/6uWxT7>[0] was something done during the
course of some work a few months ago - it briefly proposes how a JWK Key ID
can be used within an XML Signature to convey to the recipient what key was
used to sign the XML and thusly what key to use to verify the signature. It's
not rocket surgery but maybe a useful thing to codify, which might help
with migration and coexistence of older and newer protocols.
Anyway, no action required or even suggested here. I just wanted to put the
idea out there and the mailing lists of a few of these (sorta) related WGs
seemed as good a place as any.
[0] https://goo.gl/6uWxT7
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150626/352230a9/attachment.html>
More information about the Openid-specs-ab
mailing list