jsalowey
commented
3 weeks ago PR#63 adds some of this. We may want to make more specification around what can be in the URI (no port, username; trust domain lowercase)
Open PieterKas opened 4 months ago
jsalowey
commented
3 weeks ago PR#63 adds some of this. We may want to make more specification around what can be in the URI (no port, username; trust domain lowercase)
Commenting as identity enthusiast as opposed to WIMSE co-chair
Section 5 states that the identifier may be used in an X.509 certificate. From reading the draft, this may be a client or a server certificate. Should we included additional details about the certificates themeselves? Should a workload be able to use the same certificate for client authentication and as a server? What are the extended key usage parameters that should be supported (can a cert have both)?