[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (MQTT-315) Extend authorization to include revalidation
Ken Borgendale created MQTT-315:
-----------------------------------
Summary: Extend authorization to include revalidation
Key: MQTT-315
URL: https://issues.oasis-open.org/browse/MQTT-315
Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
Issue Type: Improvement
Components: core
Affects Versions: 5
Reporter: Ken Borgendale
In MQTT-255 we added enhanced authentication which allows for challenge / response authentication and other authentication in SASL style. We specifically removed the re-validation (multiple authentication) from that issue so we are creating this new issue to track re-validation.
The mechanism used for enhanced authentication (AUTH packet) can be extended without much problem to allow re-validation. However we need to design the semantics. This is not well defined in SASL (basically it just says it is possible without talking much about these semantics).
A few of the issues:
1. Who initiates re-validation. Is is always the client or can the server start it?
2. Is it required to re-validate using the same authentication method used to validate?
3. What can be done during the re-validation?
4. What do we tell the server to do if re-validation fails?
5. Does this work for all authentication methods or just some?
6. Does anybody want this badly enough to spend some time working on it?
--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]