In the way rendezvous TPC works, the ztn token will
never be used for anything other than validation (which is all that
ztn cares about anyway).
Good point, Andy.  Even if the ZTN token carries very specific audience and scope claims, the fact that the rendezvous key serves as an authorization "pass" means that this is a non-issue.

I also suspected that using the rendezvous token/key as an authentication token in place of ZTN would present some problems for validation.

On the other hand, could you not have the situation where what is a valid ZTN token at the destination is not valid at the source?  If both are in the same organization, I suppose not, but inter-organizational?  That is, the issuer and audience recognized by one are not recognized by the other (ZTN validates those two things, at least on a JWT bearer token, correct?)

Al

