at_server icon indicating copy to clipboard operation
at_server copied to clipboard

Published 20 hours ago verified publisher icon atsign-foundation

Introducing Auto-Expiry and Time-to-Birth Features for APKAM Keys

Open sitaram-kalluri opened this issue 5 months ago • 0 comments

Is your feature request related to a problem? Please describe.

Currently, the APKAM keys do not have an auto-expiry feature. Enhance the APKAM keys by allowing users to set an auto-expiry, after which the keys will no longer be valid for authentication.

Additionally, introduce a time-to-birth mechanism, enabling users to specify when the atKeys will become active, alongside the existing time-to-live functionality.

Describe the solution you'd like

  • In the enrollment request, allow user to specify "TTL" and "TTB" which represents the time duration in minutes. When TTL represents "time to live", beyond which the APKAM keys will be inactive for usage.
  • When TTL is met, the APKAM keys cannot be used for authentication and subsequently the enrollment data will be deleted from the keystore.

sitaram-kalluri avatar Aug 27 '24 13:08 sitaram-kalluri