by toast0
1021 days ago
HSMs are expensive, the performance is bad, and administration is a pain. They're almost certainly running many clusters of their auth servers around the world, and would need significant capacity at all the locations, in case traffic shifts. It's probably a better idea to pursue short lived private keys, rather than HSMs. If the timeline is accurate, the key was saved in a crash dump in 2021 and used for evil in 2023; monthly or quarterly rotation would have made the key useless in the two year period. A certificate chain is a little too long to include in access tokens, IMHO, but I don't know how Microsoft's auth systems work.
The key expired in April 2021. Short lived keys only work if you actually check for expiry, which it appears they weren't doing.
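The mechanism both comments point at, rotated signing keys with validity windows that the verifier actually enforces, as an added example that is not part of the thread and not Microsoft's code. Key ids, secrets, claims and the timeline (a key whose window ended in April 2021, a verification in mid-2023) are constructed for illustration; HMAC-SHA256 stands in for the asymmetric signature a real token issuer would use, since only the key-lifetime logic matters here. The `enforce_key_expiry` switch exists purely to show the failure mode: a signature that checks out under a key that is past its window is still accepted unless the verifier looks at the key's dates.

```python
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass
from datetime import datetime, timezone


def _utc(year: int, month: int, day: int) -> int:
    """Epoch seconds for a UTC date; used only to build the constructed timeline."""
    return int(datetime(year, month, day, tzinfo=timezone.utc).timestamp())


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


@dataclass(frozen=True)
class SigningKey:
    kid: str         # key id carried in the token header
    secret: bytes    # HMAC secret, standing in for an asymmetric private key
    not_before: int  # start of validity window (epoch seconds)
    not_after: int   # end of validity window (epoch seconds)

    def valid_at(self, now: int) -> bool:
        return self.not_before <= now < self.not_after


class KeyStore:
    """Current and retired signing keys, looked up by kid at verification time."""

    def __init__(self, keys):
        self._keys = {k.kid: k for k in keys}

    def get(self, kid):
        return self._keys.get(kid)

    def signing_key(self, now: int) -> SigningKey:
        """Rotation on the issuer side: sign only with the key whose window covers now."""
        active = [k for k in self._keys.values() if k.valid_at(now)]
        if len(active) != 1:
            raise RuntimeError(f"expected exactly one active key, found {len(active)}")
        return active[0]


def sign_token(key: SigningKey, claims: dict) -> str:
    """Mint a compact JWS-style token: header.claims.signature, base64url encoded."""
    header = {"alg": "HS256", "typ": "JWT", "kid": key.kid}

    def enc(obj) -> str:
        return _b64url(json.dumps(obj, separators=(",", ":"), sort_keys=True).encode())

    signing_input = f"{enc(header)}.{enc(claims)}"
    sig = hmac.new(key.secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_token(token: str, store: KeyStore, now: int, enforce_key_expiry: bool = True) -> dict:
    """Return the claims, or raise ValueError naming the first check that failed."""
    try:
        header_b64, claims_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("malformed token") from None
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    key = store.get(header.get("kid"))
    if key is None:
        raise ValueError("unknown kid")
    expected = hmac.new(key.secret, f"{header_b64}.{claims_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    # The check the thread is about: a correct signature from a key that is past
    # its validity window must not be honoured, however fresh the token claims to be.
    if enforce_key_expiry and not key.valid_at(now):
        raise ValueError("signing key outside its validity window")
    claims = json.loads(_b64url_decode(claims_b64))
    if now >= int(claims.get("exp", 0)):
        raise ValueError("token expired")
    return claims


def check(token: str, store: KeyStore, now: int, enforce_key_expiry: bool = True) -> str:
    """Verification outcome as a string, for the demo and the assertions."""
    try:
        verify_token(token, store, now, enforce_key_expiry)
        return "accepted"
    except ValueError as e:
        return f"rejected: {e}"


# Constructed timeline (not real Microsoft data): a key whose window ended in
# April 2021, a key valid through 2023, and a verification in mid-2023.
KEY_2021 = SigningKey("kid-2021", b"constructed-secret-2021", _utc(2020, 10, 1), _utc(2021, 4, 30))
KEY_2023 = SigningKey("kid-2023", b"constructed-secret-2023", _utc(2023, 1, 1), _utc(2024, 1, 1))
STORE = KeyStore([KEY_2021, KEY_2023])
NOW = _utc(2023, 6, 15)

# Token minted by someone holding the leaked 2021 key, long after its window closed.
FORGED = sign_token(KEY_2021, {"sub": "victim@example.com", "exp": NOW + 3600})
# Token legitimately issued with the key that is active now.
LEGIT = sign_token(STORE.signing_key(NOW), {"sub": "user@example.com", "exp": NOW + 3600})

if __name__ == "__main__":
    print("forged, key expiry enforced:    ", check(FORGED, STORE, NOW))
    print("forged, key expiry NOT enforced:", check(FORGED, STORE, NOW, enforce_key_expiry=False))
    print("legit,  key expiry enforced:    ", check(LEGIT, STORE, NOW))
```

Two design points follow from the code. Rotation only limits the blast radius if the verifier consults the key's dates, not just its presence in the key set; a retired key left in the store with no window, or a store that never prunes, behaves exactly like the lax path. And the key's `not_after` has to extend past the last moment the issuer signs with it by at least one token lifetime, otherwise tokens legitimately minted just before rotation fail verification.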