Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Protocol Versioning #80

Open
EthanHeilman opened this issue Dec 21, 2023 · 0 comments
Open

Protocol Versioning #80

EthanHeilman opened this issue Dec 21, 2023 · 0 comments
Assignees
@EthanHeilman

Comments

@EthanHeilman
Copy link
Member

This is a very early draft to pose the questions of how we think about versioning OpenPubkey.

This issue exists to think discuss if, and in what places ,we might want to version the OpenPubkey. The primary purpose of such versioning would be simplify our lives. We should take a goal that version must be simple and not introduce complex handshakes or versioning negotiation.

PK Token versioning:

We can version the PK Token using a key in the protected header of each signature we want to version. The OP signature and payload can't be versioned because it is OIDC token and not under our control. Do we want one version for the entire PK Token or instead version the CIC Signature and COS Signature separately.

MFA Cosigner API Versioning

The MFA Cosigner API uses the well-known URI and this provides an excellent point to specify parameters and versions from the cosigner to the client.

OSM and POP Auth versioning

OSM and POP Auth could be versioned at the signature or the API layer.
@EthanHeilman EthanHeilman self-assigned this Dec 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@EthanHeilman EthanHeilman

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@EthanHeilman