Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow Expired Certs Per Identity Once #2094

Open
andrewpmartinez opened this issue Jun 10, 2024 · 2 comments
Open

Allow Expired Certs Per Identity Once #2094

andrewpmartinez opened this issue Jun 10, 2024 · 2 comments
Labels
Orange

Comments

@andrewpmartinez
Copy link
Member

No description provided.

@qrkourier
Copy link
Member

Is this aimed at recovering from a condition where a client cert's expired, to allow renewal, or is this more about changing the internal model such that client cert expiry can be enforced on a per-identity basis, or both?

@andrewpmartinez
Copy link
Member Author

  1. SDKs can extend their certs, but don't. As the capability becomes implemented clients will begin to do so. This allows someone to enforce cert expiration w/o losing existing clients.
  2. It could also be used for recovery scenarios.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Orange
Projects
Security/IdP Features & Capabilities
Status: Orange
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andrewpmartinez @qrkourier