IDP key rollover
Zico
mailzico at gmail.com
Tue Jul 7 21:05:10 UTC 2020
Got it. Thanks, Scott.
On Tue, Jul 7, 2020 at 2:51 PM Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 7/7/20, 3:42 PM, "users on behalf of Zico" <
> users-bounces at shibboleth.net on behalf of mailzico at gmail.com> wrote:
>
> > Quick question: isn't IDP key rollover supported in v3 or v4 now?
>
> Key rotation is not, modulo basic features any IdP has to support to be a
> non-toy, just a matter of software behavior. It's a meticulous process
> involving a whole range of technical and non-technical steps, and is
> generally painful at any scale.
>
> You never do it unless you have a specific reason, and you do it in such a
> way as to eliminate whatever issue caused it to happen so it doesn't recur.
>
> I have discussed mine at length on list. It took 9 months from start to
> finish.
>
> -- Scott
>
>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
--
Best,
Zico
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200707/fa4dc943/attachment.htm>
More information about the users
mailing list