Skip to content

Allow multiple Trust Anchor values in resolve requests #155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Dec 18, 2024
Merged

Allow multiple Trust Anchor values in resolve requests #155

merged 7 commits into from
Dec 18, 2024

Conversation

@selfissued
Copy link
Member

@selfissued selfissued commented Nov 30, 2024

Fixes #130

@peppelinux
Copy link
Member

peppelinux commented Nov 30, 2024

I request to move the trust chain in the response as REQUIRED for consistency

It makes sense to have It by default

@selfissued
Copy link
Member Author

selfissued commented Nov 30, 2024

I agree that it's more consistent to always include the trust_chain claim in the resolve response JWT.

@zachmann
Copy link
Collaborator

zachmann commented Dec 2, 2024

I want to open a discussion on whether the resolver "MAY return a successful resolve response using any one of the Trust Anchor values provided" (current text of the PR) or it SHOULD return the resolve response for the first Trust Anchor that resolves successfully.

I would argue for the later, since this gives guidance, but would still allow the resolver to do otherwise.

@peppelinux
Copy link
Member

peppelinux commented Dec 2, 2024
edited
Loading

"First" might depend from the ordering of the trust anchors provided within the array, "Any" might mean that it is only up to the trust evaluator decide which trust anchor to use.

Any gives more freedom to the resolver in taking its choice, while "First" sounds like it would be the requestor in deciding the ordering of the trust anchor on the basis of the priority it decides

rohe
rohe approved these changes Dec 18, 2024
View reviewed changes
@selfissued selfissued merged commit 1bb5492 into openid:main Dec 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rohe rohe rohe approved these changes

@peppelinux peppelinux peppelinux approved these changes

@vdzhuvinov vdzhuvinov vdzhuvinov approved these changes

@ve7jtb ve7jtb Awaiting requested review from ve7jtb

@zachmann zachmann Awaiting requested review from zachmann

@MichaelFraser1999 MichaelFraser1999 Awaiting requested review from MichaelFraser1999

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Resolver with multiple trust anchors

5 participants

@selfissued @peppelinux @zachmann @rohe @vdzhuvinov