Project

General

Profile

Feature #119

GDP commands and responses should (potentially) be signed

Added by Eric Allman 16 days ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Start date:
04/09/2019
Due date:
% Done:

0%


Description

Currently GDP data is signed, but commands and responses are not.

Commands need to be signed in some (but not all) cases to grant special permissions. For example, the ability to delete a log would require owner permission, the ability to migrate a log might require some administrative permission, and the ability to add records to HONGD will require "creation service" credentials. Some commands do not need this; for example, APPEND can sign the data rather than command itself.

Responses will in some cases need to be signed. For example, errors (NAKs) should be signed to prevent DoS attacks. CONTENT replies do not need to be signed since the data itself is.


Related issues

Related to GDP - Feature #120: HONGD should be accessed using the GDP network protocol New 04/09/2019

History

#1 Updated by Eric Allman 16 days ago

  • Related to Feature #120: HONGD should be accessed using the GDP network protocol added

Also available in: Atom PDF