[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (AMQP-137) Guidance should be given on associating the container identity to a security context
Rob Godfrey created AMQP-137: -------------------------------- Summary: Guidance should be given on associating the container identity to a security context Key: AMQP-137 URL: https://issues.oasis-open.org/browse/AMQP-137 Project: OASIS Advanced Message Queuing Protocol (AMQP) TC Issue Type: Improvement Components: Security Reporter: Rob Godfrey (Durable) Link identity is defined in terms of the tuple (source container id, target container id, name). As such if a connection is created to remote container C identifying itself as (local) container L, then that connection can recover (or steal) any durable links between L and R. As such it is important that container identities are somehow tied to a security context. Each side in connection establishment should have some mechanism for verifying that their remote peer has the authority to claim the container-id they are presenting. -- This message was sent by Atlassian JIRA (v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]