Dennis Gove

We have a need to set longer JWT-SVID expiration times in some of our Trust Domains. While it's nice that we can *currently* set the TTL in the entry registration...

If we want to stay completely backward compatible with existing behavior, then the default value for `max_jwtsvid_ttl` can be set to the `max(largest TTL in the registration table, default_jwtsvid_ttl)`. Such...

Without a doubt. I'm happy to get started on this. Thanks!

Hi @rturner3. I started looking at the required changes earlier today and came up with basically the same schedule, though was thinking v1.4 as I wasn't aware of the 2...

I'm making steady progress on the implementation of this support, but there are a lot of places that need updates (I'm finding). If curious you can view ongoing changes [here](https://github.com/dennisgove/spire/compare/main...jwt-ttl-2700).

I've submitted two PRs for this change. * https://github.com/spiffe/spire/pull/3445 * https://github.com/spiffe/spire-api-sdk/pull/29

One thing that hasn't been explicitly stated but I believe has been alluded to and would benefit from an explicit statement (to remove any ambiguity) is the following: The initial...

Hi @amartinezfayo - great question. My goal is to support authorizing administrative actions from entities outside of this specific Trust Domain. For example, an application running somewhere else which is...

Thanks @amartinezfayo for letting me know. Enhancing the `admin_ids` configuration option to support foreign trust domains will help. It doesn't quite give us as a dynamic ACL flow as we'd...

@dependabot merge