sbp commented on issue #233: URL: https://github.com/apache/tooling-trusted-releases/issues/233#issuecomment-3577574617
We need to consider whether we still want to use scannable prefixes if we use DPoP tokens instead of bearer tokens (#335). RFC 9449 § 2 says that "DPoP renders exfiltrated tokens alone unusable", which is true (and not true of an exfiltrated DPoP proof, within tight constraints), but we would still like to know when tokens, which should remain secret, are accidentally shared in public. In other words, a prefix helps not to identify exposure of a DPoP token, which cannot be used without its corresponding private key, but to identify broken workflows or practices that allowed that token to be shared in the first place. Such workflows may also be exposing other secret data.
