I see. I was just wondering if it is possible to avoid the key pair exposition and if the
idea is valid. For our clients, establish a key agreement (ECDH for example) and use the
shared key to sign JSON[1].
Does it make sense?
[1] - http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-25#section-4.6.1
--
abstractj
On April 2, 2014 at 4:27:29 PM, Bill Burke (bburke(a)redhat.com) wrote:
> Not sure what you mean. The keypair is for the realm. When you create
> a realm this keypair is automatically generated. The only reason it
> exists in the example imported json files is so that the example adapter
> configs can run out of the box.