Feature #119: GDP commands and responses should (potentially) be signed - GDP - Global Data Plane

Feature #119

GDP commands and responses should (potentially) be signed

Added by Eric Allman about 4 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

Start date:

04/09/2019

Due date:

% Done:

Description

Currently GDP data is signed, but commands and responses are not.

Commands need to be signed in some (but not all) cases to grant special permissions. For example, the ability to delete a log would require owner permission, the ability to migrate a log might require some administrative permission, and the ability to add records to HONGD will require "creation service" credentials. Some commands do not need this; for example, APPEND can sign the data rather than command itself.

Responses will in some cases need to be signed. For example, errors (NAKs) should be signed to prevent DoS attacks. CONTENT replies do not need to be signed since the data itself is.

Related issues

History

#1 Updated by Eric Allman about 4 years ago

Related to Feature #120: HONGD should be accessed using the GDP network protocol added

Also available in: Atom PDF

Project

General

Profile

GDP

Issues

Custom queries

Feature #119

GDP commands and responses should (potentially) be signed

History

#1 Updated by Eric Allman about 4 years ago