Barry Dorrans

Yes, that gap has been a long standing problem. The solution is, frankly, Identity Server, it's what we've recommended for Core, and we didn't want to start reinventing the wheel....

And thanks for reminding me. I need to find a way to write up why it's not there right now, so it's not a surprise. It will come at some...

There's no good pattern if you're trying to keep things with certificate locally, rather than key store. The flow would be - Generate new certificate - Load it along side...

Given the desire to drive templates to be smaller, this is probably a rare enough want that it doesn't need template integration, but documentation will suffice.

@HaoK A ToString() is needed here, or whatever it takes to expand the error list.

@HaoK i believe this is expected right? You shouldn't mix policies and filters

@bartonjs as an FYI

Have the meeting. And invite me.

@bartonjs As the "be a CA" code is yours do you think it's worth giving a C# sample here?

As a reminder this will require CSRF supoprt.