search

mojaloop / design-authority-project

This is the Issue and Decision Log for tracking mojaloop and related Designs
1 stars 2 forks source link

Update JWS documentation to reflect mandatory use of certificates for embedding JWS public keys #110

Open bushjames opened 4 months ago

bushjames commented 4 months ago

Current documentation here: https://docs.mojaloop.io/api/fspiop/pki-best-practices.html#json-web-signature says that certificates should be used for handling JWS public keys. At the DA meeting on 2024-05-08 it was agreed by those present to update this wording thus:

  1. change the word should to must
  2. add some explanation of the rationale behind this requirement.
bushjames commented 1 month ago

@elnyry-sam-k to raise this with CCB and report back to DA at next available opportunity.

bushjames commented 1 month ago

CCB have agreed, FSPIOP SIG will be approached next.

henrka commented 3 weeks ago

FSPIOP SIG is OK with the suggestion above.