Uploaded image for project: 'Syncope'
  1. Syncope
  2. SYNCOPE-1525

Documentation indicates sharing private key, hiding public key

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.14, 2.1.5
    • Fix Version/s: 2.0.15, 2.1.6, 3.0.0
    • Component/s: documentation
    • Labels:
      None
    • Docs Text:
      This configuration requires to specify a key pair: the former key value, said private, must be shared with clients, while the latter key value, said public, must be kept secret for internal Core usage.

      Description

      The reference guide (found at https://syncope.apache.org/docs/2.1/reference-guide.html) references JWT asymmetric key signing, but when talking about the keys, it mentions that the private key should be shared and the public key should remain secret.  This is the opposite of what is generally practiced.  I am assuming that this is a typo and that public and private should be switched.  

       

      Here is the wording:

      This configuration requires to specify a key pair: the former key value, said private, must be shared with clients, while the latter key value, said public, must be kept secret for internal Core usage.

        Attachments

          Activity

            People

            • Assignee:
              ilgrosso Francesco Chicchiriccò
              Reporter:
              dodtsair Michael Power
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: