Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Double key tokens #15

Open
pes10k opened this issue Apr 19, 2019 · 1 comment
Open

Double key tokens #15

pes10k opened this issue Apr 19, 2019 · 1 comment

Comments

@pes10k
Copy link

pes10k commented Apr 19, 2019

It would add some extra zip to the privacy angle here if tokens could be double keyed under the top level and frame domain, and it would satisfy most use cases. What would you think of an amendment to the proposal to double key all tokens?
@michael-oneill
Copy link

Double keying in general is good for privacy, so I would vote yes - as long as the quid pro quo wasn't to raise the default duration. If a subresource can only use a token for an hour I don't think double keying adds much from a privacy POV.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pes10k @michael-oneill