While key rotation and revocation in general is a topic beyond the scope of this spec, it seems pretty clear to me that we do need the basic ability to change from one key to another. Issues that are unclear on reading the spec whether the current proposal support multiple public keys in the integrity tag? If yes, will the UA check signature for every key in integrity tag?
While key rotation and revocation in general is a topic beyond the scope of this spec, it seems pretty clear to me that we do need the basic ability to change from one key to another. Issues that are unclear on reading the spec whether the current proposal support multiple public keys in the integrity tag? If yes, will the UA check signature for every key in integrity tag?