Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add configurable not-before delay #77

Merged
merged 1 commit into from
Jan 6, 2025
Merged

Add configurable not-before delay #77

merged 1 commit into from
Jan 6, 2025
+21 −6

Conversation

thibmeu
Copy link
Contributor

@thibmeu thibmeu commented Jan 6, 2025

This commit adds KEY_NOT_BEFORE_DELAY_IN_MS binding. This is the delay that is going to be added when generating key to their notBefore parameter. This allow a key to be generated at time t to not be valid before t+KEY_NOT_BEFORE_DELAY_IN_MS.

Key rotation and tests are updated accordingly.
This is backward compatible with deployed codebase, defaulting to KEY_NOT_BEFORE_DELAY_IN_MS=0 which was the previous behaviour.

@thibmeu thibmeu added the enhancement New feature or request label Jan 6, 2025
@thibmeu thibmeu self-assigned this Jan 6, 2025
RageKnify
RageKnify reviewed Jan 6, 2025
View reviewed changes
Copy link
Member

@RageKnify RageKnify left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 nit and 1 question about design

src/index.ts Outdated Show resolved Hide resolved
src/bindings.ts Show resolved Hide resolved
@thibmeu
Add configurable not-before delay
99d4fa4 
This commit adds `KEY_NOT_BEFORE_DELAY_IN_MS` binding.
This is the delay that is going to be added when generating key to their
`notBefore` parameter. This allow a key to be generated at time `t` to
not be valid before `t+KEY_NOT_BEFORE_DELAY_IN_MS`.

Key rotation and tests are updated accordingly.
This is backward compatible with deployed codebase, defaulting to
`KEY_NOT_BEFORE_DELAY_IN_MS=0` which was the previous behaviour.
@thibmeu thibmeu force-pushed the add-configurable-not-before-delay branch from b5e80e9 to 99d4fa4 Compare January 6, 2025 14:01
@thibmeu thibmeu requested a review from RageKnify January 6, 2025 14:04
@thibmeu thibmeu merged commit bc1bdbc into cloudflare:main Jan 6, 2025
3 checks passed
@thibmeu thibmeu deleted the add-configurable-not-before-delay branch January 6, 2025 14:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ThePlexus ThePlexus ThePlexus approved these changes

@lbaquerofierro lbaquerofierro Awaiting requested review from lbaquerofierro

@kcxlee kcxlee Awaiting requested review from kcxlee

@RageKnify RageKnify Awaiting requested review from RageKnify

Assignees

@thibmeu thibmeu

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@thibmeu @RageKnify @ThePlexus