-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issuer claim in Workload ID Tokens #14
Comments
@arndt-s is this addressed in section 4.1 where an iss claim is defined? |
Section 4.1 came after this issue but I believe the question is still valid. SPIFFE does not need the issuer as it uses the authority part of the SPIFFE URI as an implicit issuer. However, this makes SPIFFE JWT-SVIDs not compatible with this draft as they do not contain an "iss" claim according to the specification. Maybe something to check with SPIFFE community though, maybe they'll accept adding it if this would be the only delta. |
@arndt-s The big change from SPIFFE is the |
@yaronf yes and no in my opinion. |
Do Workload ID tokens require an
iss
claim or is the issuer implicit as part of the WIMSE URI in thesub
claim?Also, does the
iss
claim add any additional value in scope of this draft aka "Does this draft work withoutiss
claim?"The text was updated successfully, but these errors were encountered: