Firstyear
Firstyear
https://github.com/kanidm/kanidm/issues/256
We have issues with ed25519 in webauthn-rs just because it's not properly supported in the ecosystem cryptographically, but that's "our problem". RS256 is okay, but the risk is sometimes they'll...
Just ran into this issue myself, is the tutorial still not updated for 2021?
> 1. What's the current status of this issue? The API change is still going to happen right? No api change is needed, it's just a change in the cli...
As it currently stands I think neither of these are viable. mTLS is too hard, and dpop is for api/services only rather than for browsers. So I'm not sure there...
Actually, mTLS is *harder* because then we need a more complex listener to do client auth on some connections but not others etc. As well, it's a pain in the...
> Oh, I didn't say it was _easy_ but optional client cert auth (at least in the rustls implementation) is [a flag](https://docs.rs/rustls/latest/rustls/server/struct.AllowAnyAnonymousOrAuthenticatedClient.html). There's an [example axum implementation](https://github.com/ttys3/rust-mtls-axum-example/blob/45d07d3545a1affeeaf854dc6c4d1d7b3417c5fd/src/main.rs#L121). With Axum it'd...
I think we can close it.
We also should support extended/custom claim maps
Which of our layers is the problem here though? All of our components pass the request though, I think the linked issue specifically drops the request in question. Regardless, I...