You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In preparation for moving from pyjwkest to PyJWT, we need to update our JWT_PRIVATE_SIGNING_JWK. Currently, it has a few of the optional parameters set. However, to be compatible with PyJWT, we need to either have all of these parameters set, or none of them.
Arch BOM needs access to the original value in order to see which parameters are set, add the new ones, then re-encrypt. We need SRE to decrypt it and give us (or just @rgraber as eSRE) access in Keeper or through some other secure method. We also need to make sure we're not using any old public keys in production.
We could roll the JWK instead of updating its contents, but that would require updating the public key in every IDA in every environment, which is a significant lift. See openedx/edx-platform#31927 for a description of the original issue.
The text was updated successfully, but these errors were encountered:
In preparation for moving from pyjwkest to PyJWT, we need to update our JWT_PRIVATE_SIGNING_JWK. Currently, it has a few of the optional parameters set. However, to be compatible with PyJWT, we need to either have all of these parameters set, or none of them.
Arch BOM needs access to the original value in order to see which parameters are set, add the new ones, then re-encrypt. We need SRE to decrypt it and give us (or just @rgraber as eSRE) access in Keeper or through some other secure method. We also need to make sure we're not using any old public keys in production.
We could roll the JWK instead of updating its contents, but that would require updating the public key in every IDA in every environment, which is a significant lift. See openedx/edx-platform#31927 for a description of the original issue.
The text was updated successfully, but these errors were encountered: