Fix spec to specify that "look up signing keys" returns the six most recent non-expired keys (or three for PMBTokens).

WICG / trust-token-api

Trust Token API

https://wicg.github.io/trust-token-api/

Other

415 stars 82 forks source link

Fix spec to specify that "look up signing keys" returns the six most recent non-expired keys (or three for PMBTokens). #233

Open dvorak42 opened 1 year ago

dvorak42 commented 1 year ago

signingKey should generally refer to a set of keys, except for insert token (which should bind to the specific key that the token was issued against).

dvorak42 commented 1 year ago

Define the specific algorithm for selecting the 6 non-expired keys (sort by expiry and then by raw byte ordering).