Jstevensen (talk | contribs) |
** [mhanson 2012-03-29] the private keys are intranet only - the public keys are "delivered carefully to the advertising point" - e.g. the public website
* [joes/kang - 2012-04-06] is the python glue on the HSM verifying that the keys it's signing are expiring after a day maximum?
** [mhanson 2012-04-06] No, that logic hasn't been written yet - all the HSM python glue knows how to do today is sign some next. I think we should use JWK as the serialization format - pinging benadida for expertise on that.
===Security Review Notes===