Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-73495

Allow JWKS refresh to invalidate keys even on failure

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 7.0.0-rc0
    • None
    • None
    • None
    • Server Security
    • Fully Compatible
    • Security 2023-02-20, Security 2023-03-06

    Description

      If forced JWKS refresh fails, any cached JWKSes are left active in memory. This preserves availability. However, administrators perform JWKS refresh to recover from IdP private key compromise. It can be important for compromised key material to be distrusted, even if we are unable to obtain fresh, valid, material.

      We should introduce a mechanism which lets us flush JWKS even on re-acquisition failure.

      Attachments

        Activity

          People

            adrian.gonzalez@mongodb.com Adrian Gonzalez Montemayor
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: