Open peppelinux opened 3 months ago
We can handle this case with the assertion status ‘SUSPENDED’ until the credential becomes valid. WDYT?
We should resolve this first: https://github.com/peppelinux/draft-demarco-oauth-status-assertions/issues/83#issue-2533906802
nbf
,iat
, exp
should be optional in base specs, they can be made mandatory in profiles for specific types.
in my opinion, iat
and exp
should be mandatory in key binding tokens, and status assertions, since they are meant to be "short lived"... not all credential types that have status are meant to be "short lived".
Not all credentials expire.
I think we should provide examples for all cases of vc + sa with
iat
andexp
.There is also
nbf
which could interact negatively withiat
andexp
._Originally posted by @OR13 in https://github.com/peppelinux/draft-demarco-oauth-status-assertions/pull/65#discussion_r1635625370_