Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

geo-location use case #50

Open
janaiyengar opened this issue Sep 27, 2021 · 2 comments
Open

geo-location use case #50

janaiyengar opened this issue Sep 27, 2021 · 2 comments
Labels
Future Version Private Access Tokens

Comments

@janaiyengar
Copy link
Collaborator

The issuer only needs a key per geo, not a key per {ORIGIN_ID, GEO} tuple. While it might be useful to do this per origin, it isn't necessary for the use case.

This particular use case also then requires the Issuer to trust the Mediator, since the Mediator is the one that determines the user's geo.
@FredericJacobs
Copy link
Collaborator

If the key is not per origin_id, tokens can be reused across origins. So I think that we must partition by origin_id, no? @tfpauly

@tfpauly
Copy link
Owner

tfpauly commented Sep 27, 2021

@FredericJacobs the token message that's signed includes the origin name, so the issuer doesn't need to have per-origin keys.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Future Version Private Access Tokens
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@FredericJacobs @tfpauly @janaiyengar