You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Section 7.2.1 says about the exp claim of the delegation jwt:
OPTIONAL. Number. Time when this delegation stops being valid. This is expressed as Seconds Since the Epoch, per [RFC7519]. If not present, it means that the delegation does not expire and is valid until revoked.
The very last part implies that the delegation jwt can be revoked. However, I cannot find any hints on a revocation mechanism for delegation jwts in the spec, also there is no status endpoint or other mechanism defined to verify the delegation apart from verifying the delegation jwt.
I would argue that the last part and is valid until revoked should be removed. It then would also be in line with the exp claim description of the trust mark jwt.
The text was updated successfully, but these errors were encountered:
Section 7.2.1 says about the
exp
claim of the delegation jwt:The very last part implies that the delegation jwt can be revoked. However, I cannot find any hints on a revocation mechanism for delegation jwts in the spec, also there is no status endpoint or other mechanism defined to verify the delegation apart from verifying the delegation jwt.
I would argue that the last part
and is valid until revoked
should be removed. It then would also be in line with theexp
claim description of the trust mark jwt.The text was updated successfully, but these errors were encountered: