search

bloomberg / vault-auth-spire

vault-auth-spire is an authentication plugin for Hashicorp Vault which allows logging into Vault using a Spire provided SVID.
Apache License 2.0
41 stars 8 forks source link

SvidVerifier::Verify assumes an x509-based SVID #8

Open dennisgove opened 5 years ago

dennisgove commented 5 years ago

The current implementation of SvidVerifier::Verify assumes the SVID will be an x509-SVID and doesn't consider the possibility of a JWT-SVID.

Purpose: This issue will track the discussion and implementation of one of the following

  1. Implementation of support for JWT-SVID documents
  2. Creation of clear documentation describing support for only x509-SVID documents