Open bnfinet opened 5 years ago
how should we support iPhones with custom claims?
Use cases (things we'd like to store and maybe provide to nginx/an app)...
what are we storing and who's going to use it when? Will Vouch Proxy use it to interact with the IdP? Will a VP client (nginx, app) use it?
rather than going to an RDBMS, maybe we can provide a mechanism to discover another vouch on your network and then pass data between them using the shared secret.
This seems a bit easier than going full RDBMS and reduces the attack surface.
related to #109
I'd like to document the use cases which we would use and discuss options.
@artagel could you help me to flesh out the thinking here. You've already put quite a bit of good work into #109 but I'm spooked by the lack of iPhone support.