Ashley Manraj

In Ed25519 isn't the public key derived from the chosen private key itself derived from an initial 32 byte seed ?

Protocol definition isn't even well defined in your post reference from the IETF. As the post mentions, URL definition is required for oathkeeper evaluation. Standard headers or cookies don't exist...

@aeneasr any news for linter and the content of the PR itself ?

Outside linting @aeneasr any changes required or discussion to alter ?

@aeneasr have to check licensing but a reference from pachyderm exists : https://github.com/pachyderm/pachyderm/pull/3834/files

You are allowed to define regex in oathkeeper rules : But you are describing an anti security pattern for API you are supposed to define oathkeeper rule updates with all...

I would expect to have your CORS rules in your north south microservice gateway (emissary, ambassador, traefik, contour, kong) mapping not in your authservice. But then you have to authorize...