...
Also, with the RPM install, ALLOW_WRITE = * which seems inherently insecure. What should ALLOW_WRITE be when using idtokens so that things don't use host_based authentication? Does this even matter when use security:recommended_v9_0?
idtokens
SEC_TOKEN_POOL_SIGNING_KEY (a.k.a. pool signing key): where does it need to live? Only on the CM? On all nodes? Other?
...