Uploaded image for project: 'Syncope'
  1. Syncope
  2. SYNCOPE-1525

Documentation indicates sharing private key, hiding public key

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.0.14, 2.1.5
    • 2.0.15, 2.1.6, 3.0.0
    • documentation
    • None
    • This configuration requires to specify a key pair: the former key value, said private, must be shared with clients, while the latter key value, said public, must be kept secret for internal Core usage.

    Description

      The reference guide (found at https://syncope.apache.org/docs/2.1/reference-guide.html) references JWT asymmetric key signing, but when talking about the keys, it mentions that the private key should be shared and the public key should remain secret.  This is the opposite of what is generally practiced.  I am assuming that this is a typo and that public and private should be switched.  

       

      Here is the wording:

      This configuration requires to specify a key pair: the former key value, said private, must be shared with clients, while the latter key value, said public, must be kept secret for internal Core usage.

      Attachments

        Activity

          People

            ilgrosso Francesco Chicchiriccò
            dodtsair Michael Power
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: