JWKS for KAS keys - Githubissues

opentdf / platform

OpenTDF Platform monorepo enabling the development and integration of _forever control_ of data into new and existing applications. The concept of forever control stems from an increasingly common concept known as zero trust.

BSD 3-Clause Clear License

17 stars 5 forks source link

JWKS for KAS keys #1085

Open pflynn-virtru opened 2 months ago

pflynn-virtru commented 2 months ago

All keys available for encryption via SDK clients should be exposed with a JWKS endpoint.

Each JWK should have a property that can be used to match an attribute to a key.

relates to:

https://github.com/opentdf/platform/issues/717
https://github.com/opentdf/platform/issues/335

strantalis commented 1 month ago

@pflynn-virtru Why do we want to match an attribute to a key? Shouldn't we always just get the most up to date key from kas?

Don't we already offer the jwk option from the public key endpoint.