Should the token key ID be only one bit?

ietf-wg-privacypass / draft-ietf-privacypass-rate-limit-tokens

Other

1 stars 5 forks source link

Should the token key ID be only one bit? #1

Closed tfpauly closed 1 year ago

tfpauly commented 2 years ago

From https://github.com/tfpauly/privacy-proxy/issues/222

With https://github.com/tfpauly/privacy-proxy/pull/220, we have a 8-bit key ID that the issuer (but not attester) sees. We can consider moving this to be one bit only, to allow rotation while not having to worry about key targeting/consistency checks.

tfpauly commented 1 year ago

I'm proposing that we keep the key ID as-is, since we'll need to have key consistency checks as-is.

tfpauly commented 1 year ago

Closing this in favor of key consistency