Add: requirement that signing keys be rotated, distributed securely

author: Lars Wirzenius <liw@liw.fi> 2019-03-31 18:48:06 +0300
committer: Lars Wirzenius <liw@liw.fi> 2019-03-31 18:48:06 +0300
commit: c26ee73aafd211365b3b8bb51ca4466887c9617e (patch)
tree: edc5ed2b93375423f746090ad2612626a850ec7f
parent: 1215bc4bbb8654fdfc9d48cab2440d4674635b30 (diff)
download: ick.liw.fi-c26ee73aafd211365b3b8bb51ca4466887c9617e.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/yuck.mdwn b/yuck.mdwn
index 5a4ad2b..3c81250 100644
--- a/yuck.mdwn
+++ b/yuck.mdwn
@@ -183,6 +183,9 @@ reference in discussions.
   authentication cannot ever succeed.
 * (KILLSESSION) It must be possible to kill existing web sessions to
   kick out someone who is logged in to Yuck.
+* (KEYROTATION) The IDP MUST rotate signing keys so that a leaked key
+  can be easily replaces. The IDP MUST have a secure way to distribute
+  the key to clients.
 
 
 # Architecture: the ecosystem
author	Lars Wirzenius <liw@liw.fi>	2019-03-31 18:48:06 +0300
committer	Lars Wirzenius <liw@liw.fi>	2019-03-31 18:48:06 +0300
commit	c26ee73aafd211365b3b8bb51ca4466887c9617e (patch)
tree	edc5ed2b93375423f746090ad2612626a850ec7f
parent	1215bc4bbb8654fdfc9d48cab2440d4674635b30 (diff)
download	ick.liw.fi-c26ee73aafd211365b3b8bb51ca4466887c9617e.tar.gz