<div dir="ltr">...sorry, and by "private key" I mean the realm private key.</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Aug 26, 2014 at 8:52 PM, Alarik Myrin <span dir="ltr"><<a href="mailto:alarik@zwift.com" target="_blank">alarik@zwift.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Does anyone think it would be a good idea to store the private key encrypted? This would require a separate secret, presumably stored in a configuration file, or using the PicketLink Vault Tool, to decrypt the private key for use. Anyone who can get the private key can start issuing access tokens to whatever resources they want.</div>
</blockquote></div><br></div>