CCF icon indicating copy to clipboard operation
CCF copied to clipboard

Published 20 hours ago verified publisher icon microsoft

Duplicate JWK kids across issuers are not handled correctly

Open achamayou opened this issue 2 years ago • 0 comments

CCF's KV schema and internal logic assumes JWK kids uses for JWT authentication are unique globally, not per issuer. This is an incorrect assumption, as per https://www.rfc-editor.org/rfc/rfc7517#page-8

achamayou avatar Apr 14 '23 06:04 achamayou