Agreed that storing the full token seems risky. If a vulnerability exposes memory, or core dumps are shared, valid tokens could be exposed. An option would be storing tokens in a "de-fanged" state. Validate the token, remove the signature, and store the token into `creds`. Clients reading from `creds` trust that the signature was valid. (This might be tricky if libraries can't separate signature checks from expiration checks.) -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1584#issuecomment-1035109137 You are receiving this because you commented. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1