From 8bd6419d695ac00f4422ce7d4ffe13de72d405a8 Mon Sep 17 00:00:00 2001 From: Andrii Deinega Date: Tue, 7 May 2024 10:20:23 -0700 Subject: [PATCH] Update 20240507.md --- notes/20240507.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/notes/20240507.md b/notes/20240507.md index e9e9af8..d58c2d0 100644 --- a/notes/20240507.md +++ b/notes/20240507.md @@ -26,7 +26,7 @@ - Dmitry, Dean agree - Dmitry - OAuth to SPIFFE needs a bit better definition - look at word doc - - Andrii - SPIFFE/SPIRE don't use tokens they use certificates for authN not authZ + - Andrii - SPIFFE/SPIRE use JWT and X509 for authN, not authZ - OAuth is usually coarse grained scopes, this does not translate well to fine grained authZ **THIS IS AN OPEN UNSOLVED ISSUE** - Dean - RAR / PAR?