[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (MQTT-431) Review Re-authentication mechanism
Richard Coppen created MQTT-431:
-----------------------------------
Summary: Review Re-authentication mechanism
Key: MQTT-431
URL: https://issues.oasis-open.org/browse/MQTT-431
Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
Issue Type: Bug
Components: core
Affects Versions: 5, wd13
Reporter: Richard Coppen
Fix For: 5
MQTT v5.0 introduces a new AUTH mechanism. This allows MQTT to bind with various authentication mechanisms such as SASL within the CONNECT / CONNACK exchange.
In its current form the Client is permitted to flow an Auth Packet for re-authenication at any point. There are a few potential issues with this approach:
1. Implementations might exploit the AUTH flow for application data and control.
2. Only the Client can initiate the re-authentication. In many cases the Server is likely to coordinate Clients to refresh keys.
3. It is likely that existing deployments simply use DISCONNECT to coordinate re-authentication and this might lead to little uptake on re-auth.
There are benefits to the current approach, for example in reducing bandwidth.
--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]