You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently this isn't working correctly, so the demo doesn't always work. For the beta test, we'll only worry about the domain having one key present. Longer term, we'll upgrade to what's outlined in the design doc for key management and rotation.
The text was updated successfully, but these errors were encountered:
See the design doc for the keyring configuration file concepts and key lifecycle state machine. Basically we want to use the key in the KEY_STATUS_ACTIVE_PRIMARY state, as it has been published in DNS for adequate time for counterparties verifying our signature to have crawled it from DNS. Ideally rotation to a new signing key doesn't happen all-at-once but can instead be rolled out in a controlled fashion.
Currently this isn't working correctly, so the demo doesn't always work. For the beta test, we'll only worry about the domain having one key present. Longer term, we'll upgrade to what's outlined in the design doc for key management and rotation.
The text was updated successfully, but these errors were encountered: